IDEAS home Printed from https://ideas.repec.org/a/oup/medlaw/v29y2021i3p411-445..html
   My bibliography  Save this article

Signalling Standards for Progress: Bridging the Divide Between a Valid Consent to Use Patient Data Under Data Protection Law and the Common Law Duty of Confidentiality

Author

Listed:
  • Edward S Dove
  • Mark J Taylor

Abstract

In this article, we analyse the legal components of disclosing confidential patient information under the UK’s common law duty of confidentiality (CLDoC) and processing personal (health) data under the UK’s General Data Protection Regulation (GDPR) and Data Protection Act 2018. We describe the ostensible divide between the CLDoC and data protection law when it comes to the requirements of a valid signal of consent by a patient to use and disclose patient information, obtained by a health professional in the context of direct care, for health care and health research purposes. Ultimately, our analysis suggests that we are saddled, at least in the medium term, with two regimes operating with different standards of a valid consent—while putatively protecting similar interests. There is, however, opportunity for progress. It is possible to improve professional guidance on the interaction between the regimes and to achieve significant normative alignment without aligning the signalling standard for consent; this would promote consistent protection of reasonable expectations of patients across both regimes. Further coherence would require aligning not only the standard, but also the role played by consent under each regime. Here we argue that, in relation to direct care, any such shift should be away from consent as the normal justification. In relation to health research, on the contrary, it should be toward consent as the normal justification for use and disclosure of patient information under both the CLDoC and data protection law.

Suggested Citation

  • Edward S Dove & Mark J Taylor, 2021. "Signalling Standards for Progress: Bridging the Divide Between a Valid Consent to Use Patient Data Under Data Protection Law and the Common Law Duty of Confidentiality," Medical Law Review, Oxford University Press, vol. 29(3), pages 411-445.
    • Handle: RePEc:oup:medlaw:v:29:y:2021:i:3:p:411-445.
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1093/medlaw/fwab014
    Download Restriction: Access to full text is restricted to subscribers.
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:oup:medlaw:v:29:y:2021:i:3:p:411-445.. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Oxford University Press (email available below). General contact details of provider: https://academic.oup.com/medlaw .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.