Part of A guide to confidentiality in health and social care: references
Section 4: Human Rights Act provisions
Whereas common law confidentiality protects confidential information, the Human Rights Act (HRA)1998 establishes the principle of privacy, conferring rights on individuals to be able to operate without arbitrary interference in their affairs, by incorporating the European Convention on Human Rights (ECHR) into English law.
Everyone has the right to respect for his private and family life, his home and his correspondence.
Legislation generally must also be compatible with the HRA 1998, so any proposal for setting aside obligations of confidentiality through legislation must:
a. pursue a legitimate aim
b. be considered necessary in a democratic society; and
c. be proportionate to the need
Rights under the HRA 1998 are enforceable against public bodies, such as NHS organisations, and cover health records as these contain private information relating to a person’s health. These rights may be extended to independent sector providers where they provide publicly-funded care through contractual arrangements.
The right to privacy in the ECHR is not absolute, but qualified. Article 8(2) states that there shall be “no interference by a public authority” other than in certain special circumstances, including “for the protection of health”. However, any interference with privacy must meet a “pressing social need”, must be “no greater than is proportionate to the legitimate aim pursued” and must be justified by reasons that are relevant and sufficient for the purpose.
In general, compliance with the Data Protection Act 1998 and the common law of confidentiality will satisfy HRA requirements. However, this is a complex area of law that is open to interpretation by the courts, meaning that specific legal advice should besought to ensure compliance in the particular circumstances.
Last edited: 13 January 2022 12:51 pm