Dr Maria Dyban summarises guidance on patient confidentiality and explores situations where information may or may not be shared

dyban maria

Independent content logo

Read this article to learn more about:

  • when confidential information can be disclosed
  • disclosure without consent
  • sharing information with family, carers, and friends.

Key points

 

 

The definition of patient confidentiality is: 'The law whereby a doctor or medical practitioner cannot reveal anything said to them by their patients during consultation or treatment.' 1 Confidentiality is essential to the doctor–patient relationship as without it patients could be reluctant to seek medical help or to give sufficient information for a doctor to provide the necessary treatment. The NHS Confidentiality Code of Practice states:2'Patients entrust us with, or allow us to gather, sensitive information relating to their health and other matters as part of their seeking treatment. They do so in confidence and they have the legitimate expectation that staff will respect their privacy and act appropriately.'

In the case of Hunter v Mann, it was stated that: 3'… the doctor is under a duty not to [voluntarily] disclose, without the consent of the patient, information which he, the doctor, has gained in his professional capacity.'

There is no single statute that governs the law of confidentiality, but it has developed through case law and is supported by various statutes.

In Campbell v Mirror Group Newspapers,4 the House of Lords recognised that medical information is 'obviously private' and should be protected under the European Convention on Human Rights, Article 8,5 (the right to respect for private and family life), which ultimately protects the dignity and autonomy of a person.6

The Data Protection Act 19987 governs the processing of information, including the storing, obtaining, using, and disclosing of confidential patient information. 8 The Computer Misuse Act 1990 makes it a criminal offence for a person to access a database to gain confidential information to which the person is not authorised.9

According to the British Medical Association (BMA), all identifiable patient information held by a healthcare professional in any form is confidential. This information encompasses, for example, clinical information, images of the patient, who the patient's doctor is, what clinics the patient attends and when, and anything else that may be used to identify a patient directly or indirectly. 10

The NHS Confidentiality Code of Practice, by which all NHS staff are bound, sets very clear guidance on how confidential information should be recorded, kept secure, and shared.11 Confidentiality standards set up by professional bodies like the GMC apply to all healthcare professionals including the staff contracted to the NHS and breach of such a duty can become a disciplinary matter. 12,13 The Department of Health also governs the role and responsibilities of Caldicott Guardians, who protect the confidentiality of patient information in every NHS organisation and oversee arrangements for the appropriate use and sharing of information; further details can be found in the Department of Health's Caldicott Guardian Manual 2010.14

Confidentiality 'dos and don'ts' set by NHS England's Confidentiality policy provide simple and useful guidance for all staff working in the NHS; see Box 1, below. 15

Box 1: Confidentiality 'dos and don'ts' 15

Do

  • Do safeguard the confidentiality of all person-identifiable or confidential information that you come into contact with. This is a statutory obligation on everyone working on or behalf of NHS England
  • Do clear your desk at the end of each day, keeping all portable records containing person-identifiable or confidential information in recognised filing and storage places that are locked at times when access is not directly controlled or supervised
  • Do switch off computers with access to person-identifiable or business confidential information, or put them into a password-protected mode, if you leave your desk for any length of time
  • Do ensure that you cannot be overheard when discussing confidential matters
  • Do challenge and verify where necessary the identity of any person who is making a request for person-identifiable or confidential information and ensure they have a need to know
  • Do share only the minimum information necessary
  • Do transfer person-identifiable or confidential information securely when necessary, i.e. use an nhs.net email account to send confidential information to another nhs.net email account or to a secure government domain, e.g.
    gsi.gov.uk
  • Do seek advice if you need to share patient/person-identifiable information without the consent of the patient/identifiable person's consent, and record the decision and any action taken
  • Do report any actual or suspected breaches of confidentiality
  • Do participate in induction, training, and awareness-raising sessions on confidentiality issues.

Don't:

  • Don't share passwords or leave them lying around for others to see
  • Don't share information without the consent of the person to which the information relates, unless there are statutory grounds to do so
  • Don't use person-identifiable information unless absolutely necessary, anonymise the information where possible
  • Don't collect, hold or process more information than you need, and do not keep it for longer than necessary.

When can confidential information be disclosed?

Confidential information can be disclosed if: 16

  • a patient gives his/her express or implied consent to the disclosure
  • the disclosure is required by law or is justified in the public interest.

Consent to the disclosure can be considered to be implied in a number of circumstances, listed below.17

1. When healthcare practitioners share information within the healthcare team

All members of staff who provide care to the patient are bound by a duty of confidentiality and the patient should be informed of this. If a patient objects to the sharing of information and you consider that it is not possible to provide them with safe care without sharing such information, you should explain this to them and advise them that it may not be possible to refer them for treatment.

2. For the purposes of clinical audit

Information for clinical audit should be anonymised where possible; when anonymised, the information ceases to be confidential. Confidential information can be included in a clinical audit only if a patient is informed of this and he/ she does not object.18 Express consent should be sought for the disclosure of identifiable information for any clinical audit conducted outside the team that has provided care.

If information is required by third parties, such as an insurer, employer, or agency assessing benefits,19 express consent should be sought for such disclosures. Written consent should be sought from the patient or person authorised to act on the patient's behalf. The patient must be informed that information cannot be concealed or withheld in these circumstances, but only relevant and factual information should be disclosed. A copy of the report should be offered to the patient unless:

  • the patient informs you otherwise
  • the information could cause serious harm to the patient or others
  • the report reveals information about another person who does not consent.

As mentioned above, disclosure of personal information can be made without the patient's consent if it is required by law or justified in the public interest.20

Disclosures required by law

Disclosures required by law according to General Medical Council (GMC) guidance are: 21

  • notifications of specific infectious diseases 22
  • disclosures to various regulatory bodies (e.g. the GMC). Certain regulatory bodies have statutory powers to access patient records. Despite the fact that consent is not required for such disclosure, the patient should be informed unless it would undermine the purpose
  • disclosure to courts if information is ordered by a judge or presiding officer of a court. You can object to disclosing confidential information that you feel is irrelevant to the proceedings. You must not disclose information without the patient's consent to a solicitor, police officer, or officer of court unless it is required by law or justified in the public interest.

The BMA gives additional examples of disclosures required by statute: 23

  • Abortion Regulations 199124—a doctor carrying out a termination of pregnancy must notify the Chief Medical Officer, giving a reference number and the date of birth and postcode of the woman concerned
  • Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1985 25—deaths, major injuries, and accidents resulting in more than 3 days off work, certain diseases, and dangerous occurrences must be reported
  • Road Traffic Act 198826—healthcare professionals must provide to the police, on request, any information that may identify a driver alleged to have committed a traffic offence
  • Terrorism Act 200027—all citizens, including healthcare professionals, must inform police as soon as possible of any information that may help to prevent an act of terrorism, or help in apprehending or prosecuting a terrorist
  • Information Sharing Index (England) Regulations 2006 (ContactPoint)28—healthcare professionals must provide basic identifying information to the local authority for every child up to the age of 18 years.

Disclosures in the public interest

Disclosures in the public interest are justified to protect individuals or society from risk of serious harm, such as crime or serious communicable disease.29 If the benefits to society outweigh the public and patient's interests in keeping information confidential then it can be disclosed without consent. The patient must be informed of the disclosure even if you have not sought the consent. The disclosure would be justified in order to assist in the prevention, detection, or prosecution of serious crime and to protect others, including children, from various type of violence.30 In its supplementary guidance on confidentiality and the public interest, the Department of Health provides an algorithm on how to apply these principles. 31

If a patient's identifiable information is required in the public interest, the patient's consent should be sought unless it will put you or others at risk of serious harm or undermine the purpose of disclosure. The other exception would be in cases where action must be taken quickly and there is insufficient time to contact the patient.32

Disclosure can only be obtained without consent if it is required by law, approved under section 251 of the NHS Act 2006, 33 or justified in the public interest and: 34,35

  • identifiable information is necessary
  • it is not practicable to anonymise or code it
  • and, in either case, it is not practicable to seek consent (or efforts to seek consent have been unsuccessful).

Information can be disclosed in the public interest if it will benefit society over time for use in medical research, epidemiology, public health surveillance, health service planning, and education.36 In the majority of these cases, information can be anonymised, but when this is not practicable, patients' express consent should be sought.

A mentally competent patient who is at risk of serious harm and who declines information to be shared must be warned of the risks, but the patient's decision must be respected.37 Information can, however, be shared without the patient's consent if failure to do so will put other people at risk of serious harm.38

Sharing information with family, carers, and friends

It should be established with a patient who has the required mental capacity what information they want to be shared, and with whom. If a patient lacks capacity, it is reasonable to assume that they would like information to be shared with people closest to them unless the patient has suggested otherwise.39

Mentally incapable adults

When deciding whether to disclose information about mentally incompetent adults, you must make the care of the patient your first concern, encourage the patient to get involved, respect their dignity, and take into account their previous wishes, feelings, beliefs, and values. 40 If incapacity is temporary, you should consider whether the decision making could be delayed. Views of Lasting Powers of Attorney for a mentally incompetent person should be sought and advance decisions should be followed.40,41 In cases where a person is at risk of neglect or abuse, information must be disclosed without any delay to an appropriate responsible person or authority. 42

People who have died

The duty of confidentiality continues after a person dies, especially if the person asked for information to remain confidential. 43

Relevant information about a person who has died should be disclosed in the following circumstances:44

  • to help a coroner or procurator fiscal with an inquest or fatal accident enquiry
  • if required by law, authorised under section 251 of the NHS Act 2006,33 or justified in the public interest (e.g. for education or research purposes)
  • for National Confidential Inquiries or for local clinical audit
  • on death certificates
  • for public health surveillance (anonymised or coded information)
  • if a parent asks for information surrounding a child's death
  • when a partner, close relative, or friend asks for information about the circumstances of an adult's death and you have no reason to believe that the patient would have objected to such a disclosure
  • when a person has a right of access to records under the Access to Health Records Act 199045 or Access to Health Records (Northern Ireland) Order 1993.46

Children

The same duty of confidentiality applies to children and young people as to adults. 47 To share information, consent should be sought from a competent minor otherwise consent can be obtained from a person with parental responsibility. For more information on assessment of child competence and parental responsibility, see my previous Guidelines in Practice article on patients who may lack capacity. 48

It should be explained to both the child and parent/s or carer/s why information needs to be shared, with whom, and how it will be used.49 Sharing relevant information should not be delayed if this puts the child at increased risk of abuse or neglect. 50,51

If a child lacks capacity and cannot be persuaded to involve his/her parents, personal information can be disclosed to parents or authorities if it is in the child's best interests.52

Information can be shared without consent in cases where: 53,54

  • there is an overriding public interest in the disclosure, including when—
    • a child is at risk of abuse
    • for the prevention of serious crime
    • if child's behaviour may put them or others at risk of serious harm
  • when the disclosure is in the best interests of a child who does not have the maturity to understand the decision about the disclosure
  • it is required by law.

The patient should be informed that the information is shared, unless doing so would put the child at increased risk.55 General Medical Council guidance states that practitioners should be aware of the work of Local Safeguarding Children's Boards and Child Protection Committees as well as policies and procedures of organisations that work to protect children.56 According to the Intercollegiate Document on Safeguarding children and young people, the current requirement for GPs is to gain level 3 competences in safeguarding children training.57

Conclusion

When making a decision on disclosure of confidential information you must weigh the benefits of disclosure against the harms of non-disclosure of such information. If in doubt whether to disclose information or not you should contact an experienced colleague, Caldicott Guardian or, for example, a designated doctor in child protection.58 You must seek the patient's consent for the disclosure unless it is impracticable, increases the risk of harm, or would prejudice the purpose of the disclosure.59 You must make clear documentation and reasons behind the disclosure as if challenged in future you should be able to justify your decisions.

Key points

  • The law of confidentiality has developed through case law and is supported by various statutes
  • All identifiable patient information held by a healthcare professional in any form is confidential
  • All members of healthcare staff are bound by a duty of confidentiality
  • The NHS Confidentiality Code of Practice11 sets very clear guidance for all healthcare staff on how confidential information should be recorded, kept secure, and shared
  • Confidential information can be disclosed if:
  1. a patient gives his/her express or implied consent to the disclosure
  2. the disclosure is required by law or is justified in the public interest
  • For a patient who has the required mental capacity, practitioners should establish what information they want to be shared, and with whom
  • Special provisions apply to sharing information regarding:
  1. mentally incompetent adults
  2. people who have died
  3. children.

Back to top

References

  1. Collins online dictionary. www.collinsdictionary.com/ dictionary/english (accessed 15 June 2015).
  2. Department of Health. Confidentiality: NHS Code of Practice. DH, November 2003: para 10, p.11. Available at: www.gov.uk/government/publications/confidentiality-nhs-code-of-practice (accessed 15 June 2015).
  3. Hunter v Mann [1974] QB 767, [1974] 2 All ER 414 at 417 cited by Mason J, Laurie G. Mason and McCall Smith's law and medical ethics. 8th edn. Oxford: Oxford University Press, 2001: 6.01, p.172.
  4. Campbell v Mirror Group Newspapers [2004] 2 AC 457, [2004] UKHL 22.
  5. European Court of Human Rights. Council of Europe. European Convention on Human Rights (as amended). Available at: www.echr.coe.int/Documents/Convention_ENG.pdf (accessed 16 June 2015).
  6. Herring J. Medical law and ethics. 3rd edn. Oxford: Oxford University Press, 2010: p.218 of Campbell case, Lord Hoffman at para 53.
  7. Data Protection Act 1998 (as amended). Available at: www.legislation.gov.uk/ ukpga/1998/29/contents (accessed 16 June 2015).
  8. Department of Health. Confidentiality: NHS Code of Practice. DH, November 2003: para 31, p.13. Available at: www.gov.uk/government/publications/confidentiality-nhs-code-of-practice (accessed 15 June 2015).
  9. Computer Misuse Act 1990, s 2. Available at: www.legislation.gov.uk/ukpga/1990/18 (accessed 15 June 2015).
  10. British Medical Association. Confidentiality and disclosure of health information tool kit. London: BMA: Card 2, p.8. Available at: bma.org.uk/practical-support-at-work/ethics/confidentiality-and-health-records/confidentiality-tool-kit (accessed 15 June 2015).
  11. Department of Health. Confidentiality: NHS Code of Practice. DH, November 2003: Annex A1, .p.16–19. Available at: www.gov.uk/government/publications/confidentiality-nhscode- of-practice (accessed 15 June 2015).
  12. British Medical Association. Confidentiality and disclosure of health information tool kit. London: BMA: Card 3, paras 1–2, pp.14–15. Available at: bma.org.uk/practical-supportat- work/ethics/confidentiality-and-healthrecords/ confidentiality-tool-kit (accessed 15 June 2015).
  13. Department of Health. Confidentiality and disclosure of information: general medical services (GMS), personal medical services (PMS), and alternative provider medical services (APMS) Code of Practice. 24 March 2005. Available at:bma.org.uk/practical-support-at-work/ethics/ confidentiality-and-health-records (accessed 30 June 2015).
  14. Department of Health. The Caldicott Guardian manual 2010. London: DH, 1 March 2010. Available at: systems.hscic.gov.uk/infogov/ caldicott/caldresources/guidance (accessed 6 July 2015).
  15. NHS England. Confidentiality policy. June 2014. Appendix A (pp.17–18). Available at: www.england.nhs.uk/wp-content/ uploads/2013/06/conf-policy-1.pdf (accessed 30 June 2015).
  16. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 8, p.6. Available at: www. gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  17. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 25–29, pp.12–13. Available at: www.gmc-uk.org/guidance/ ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  18. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 30–33, pp.13–14. Available at: www.gmc-uk.org/guidance/ ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  19. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 34, pp.14–15. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  20. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 8, p.6. Available at: www. gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  21. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 17–23, pp.10–11. Available at: www.gmc-uk.org/guidance/ ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  22. Health Protection Agency in England and Wales, Communicable Disease Surveillance Centre in Northern Ireland and Health Protection Scotland, Public Health (Control of Disease) Act 1984 www.legislation.gov.uk/ ukpga/1984/22 (as amended), Public Health (Infectious Diseases) Regulations 1988, SI 1988 No. 1546 www.legislation.gov.uk/ uksi/1988/1546/introduction/made
  23. British Medical Association. Confidentiality and disclosure of health information tool kit. London: BMA: Card 9, pp.39–40. Available at: bma.org.uk/practical-support-at-work/ethics/confidentiality- and-health-records/confidentiality-tool-kit (accessed 15 June 2015).
  24. Abortion Regulations 1991, SI No 1999/499. Available at: www.legislation.gov.uk/ uksi/1991/499/contents/made (accessed 17 June 2015).
  25. Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013. SI 2013 No. 1471. Available at: www.legislation.gov.uk/uksi/2013/1471/contents/made (accessed 17 June 2015).
  26. Road Traffic Act 1988. Available at: www. legislation.gov.uk/ukpga/1988/52/contents (accessed 17 June 2015).
  27. Terrorism Act 2000. Available at: www. legislation.gov.uk/ukpga/2000/11/contents (accessed 17 June 2015).
  28. Information Sharing Index (England) Regulations 2006. SI 2006 No 983. Available at: www.legislation.gov.uk/uksi/2006/983/ contents/made (accessed 17 June 2015).
  29. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 36–39, pp.16–17. Available at: www.gmc-uk.org/guidance/ ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  30. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 54–56, pp.22. Available at: www.gmc-uk.org/guidance/ethical _guidance/confidentiality.asp (accessed 15 June 2015).
  31. Department of Health. Confidentiality: NHS Code of Practice. Supplementary guidance: public interests disclosures. DH, November 2010. Available at: www.gov.uk/government/publications/confidentiality-nhs-code-of-practice (accessed 15 June 2015).
  32. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 38(d), p.17. Available at: www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  33. National Health Service Act 2006. Available at: www.legislation.gov.uk/ukpga/2006/41/ contents (accessed 17 June 2015).
  34. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 36, 40–45, pp.16, 18–19. Available at: www.gmc-uk.org/guidance/ ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  35. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 42, p.18. Available at: www.gmc-uk.org/guidance/ethical_guidance/confidentiality.asp (accessed 15 June 2015).
  36. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 40, p.18. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  37. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 51, p.21. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  38. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 53, p.21. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  39. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 64–66, p.26. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  40. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 59–60, p.23. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  41. Dyban M. GPs need to advise patients on options for future incapacity. Guidelines in Practice, April 2013. Available at: www. guidelinesinpractice.co.uk/apr_13_dyban_ incapacity_apr13 (accessed 15 June 2015).
  42. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 63, p.25. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  43. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 70, p.28. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  44. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: para 71, pp.28–29. Available at:www.gmc-uk.org/guidance/ethical_guidance/ confidentiality.asp (accessed 15 June 2015).
  45. Access to Health Records Act 1990. Available at: www.legislation.gov.uk/ukpga/1990/23/ contents (accessed 17 June 2015).
  46. Access to Health Records (Northern Ireland) Order 1993. Available at: www.legislation.gov. uk/nisi/1993/1250/contents (accessed 17 June 2015).
  47. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 43, p.18. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  48. Dyban M. Patients who may lack capacity need careful assessment. Guidelines in Practice, November 2014. Available at: www. guidelinesinpractice.co.uk/nov_14_Dyban_ consent (accessed 16 June 2015).
  49. General Medical Council. Protecting children and young people: the responsibilities of all doctors. London: GMC July 2012: para 35, p.24. Available at: www.gmc-uk.org/static/ documents/content/Protecting_children_ and_young_people_English_0315.pdf (accessed 16 June 2015).
  50. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 59, p.24. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  51. General Medical Council.Protecting children and young people: the responsibilities of all doctors. London: GMC July 2012: para 32, p.23. Available at: www.gmc-uk.org/static/ documents/content/Protecting_children_ and_young_people_English_0315.pdf (accessed 16 June 2015).
  52. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 51, p.22. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  53. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 46, p.19. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  54. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 49, p.21. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  55. General Medical Council. Protecting children and young people: the responsibilities of all doctors. London: GMC July 2012: p.21. Available at: www.gmc-uk.org/static/ documents/content/Protecting_children_ and_young_people_English_0315.pdf (accessed 16 June 2015).
  56. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 58, p.24. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  57. Royal College of Paediatrics and Child Health.Safeguarding children and young people: roles and competences for health care staff. Intercollegiate Document. 3rd edn. London: RCPCH, March 2014: p.67. Available at: bit. ly/RCPCH_Safeguarding_children_and_ young_people_roles_and_competences (accessed 15 June 2015).
  58. General Medical Council. 0–18 years: guidance for all doctors. London: GMC, 15 October 2007: para 60, p.25. Available at: www.gmc-uk. org/static/documents/content/0_18_years_ guidance_for_all_doctors.pdf (accessed 16 June 2015).
  59. General Medical Council. Confidentiality guidance for doctors. London: GMC, 12 October 2009: paras 37, 39, pp.16–17. Available at: www.gmc-uk.org/guidance/ethical_ guidance/confidentiality.asp (accessed 15 June 2015).