Patient-Doctor Confidentiality

Confidentiality is a set of rules that dictates the protection of health information shared by a patient with a physician. In general, this information should only be used to dictate medical decision-making steps and can only be disclosed to a 3rd party with the patient’s express consent. While there are some specific situations where patient-doctor confidentiality may be broken (e.g., when the patient is at risk for self-harm), these situations are considered exceptions and clinicians ought to make sure that confidentiality is not unnecessarily jeopardized.

Last update:

Table of Contents

Share this concept:

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email
Share on whatsapp



Confidentiality describes a set of principles observed to maintain private information shared by a patient with their doctor during the course of their medical care.

  • Done with the intent of protecting the patient’s intimacy and privacy
  • Underlying principles: 
    • Do no harm
    • Respect for autonomy 
  • Protected health information (PHI): information generated while providing medical care that can be used to identify a patient
  • PHI may only be communicated with 3rd parties after patients provide express consent.


  • Many countries protect the confidentiality of medical information by law.
  • In the United States, protection of medical information is required by the Health Insurance Portability and Accountability Act (HIPAA): All medical staff should be familiarized with the local legislation regarding the handling of medical information and the institutional protocols for compliance.
  • Security rule: protection of electronically stored PHI (ePHI) via adequate administrative, physical, and technical safeguards
  • Physicians must use discretion to communicate with patients when using electronic communication and/or social media while remaining compliant with the HIPAA. 

Breaches of confidentiality

  • Violations must be self-reported to the competent government body (Department of Health and Human Services (HHS) in the United States).
  • Penalties depend on the jurisdiction and local penal code but can be as high as $1.5 million in the US for willful neglect.

Limits of Confidentiality

There are situations when confidentiality may be breached. While there is no legal obligation to inform patients of the limits of confidentiality, some argue that there is an ethical duty to do so.

Adequate disclosure

Discussion of PHI for clinical purposes is covered under HIPAA, including:

  • Discussion with other clinicians
  • Contextual information to demonstrate pertinence for diagnostic imaging modalities, laboratory tests, and/or pathology
  • Referral to other institutions

Inability to give consent

The clinician must use the information to act according to the patient’s best interests if a situation arises where the patient is unable to provide consent of disclosure:

  • The patient is determined to be incapable.
  • Medical emergencies (e.g., MI, life-threatening trauma)
  • Inability to express consent due to the current diagnosis (e.g., coma)

Exceptions due to requests from public health bodies or law enforcement

  • Threat to public health
  • Investigations of child or elder abuse
  • Investigations of fraud
  • Imminent threat to self or identifiable 3rd parties 
  • Threat to national security


  1. Tariq, R.A., Hackert, P.B. (2021). Patient confidentiality. StatPearls. Treasure Island (FL): StatPearls Publishing.
  2. Darby, W.C., Weinstock, R. (2018). The Limits of Confidentiality: Informed Consent and Psychotherapy. Focus (American Psychiatric Publishing), 16(4), 395–401.

Study on the Go

Lecturio Medical complements your studies with evidence-based learning strategies, video lectures, quiz questions, and more – all combined in one easy-to-use resource.

Learn even more with Lecturio:

Complement your med school studies with Lecturio’s all-in-one study companion, delivered with evidence-based learning strategies.

🍪 Lecturio is using cookies to improve your user experience. By continuing use of our service you agree upon our Data Privacy Statement.