A duty of confidence arises in favour of the patient if the patient gives his personal medical information to a doctor in the course of the doctor-patient relationship. There is a public interest in maintaining a duty of confidence. It is a common law principle that in circumstances a duty of confidence may arise. It would amount to a breach of the duty of confidence even if information is given without disclosing the name of the patient. The Court of Appeal has set out the following requirements for a duty of confidentiality:
(a) The information must have the quality of confidence;
(b)The information must be given in circumstances implying an obligation of confidence;
(c) There must be an unauthorized use of the information;
(d) The patient had no proprietary right in the prescription form or the information on it and therefore, had no right to control its use if privacy was not at risk.
Confidential information can sometimes be disclosed in some exceptional cases but disclosure should be made only to an appropriate person for particular purposes. The Police and Criminal Evidence Act, 1984, The Data Protection Act, 1998, Access to Medical Reports Act, 1988, The Access to Health Records Act, 1990 and the Human Rights Act, 1998 governs the confidentiality of medical records.