Kirsty Gibbins reports:
A county woman left permanently disabled after an operation is battling a dental consultant she claims “humiliated and harassed” her by using her confidential medical information without consent.
Lisa McIntosh, of Haddington, underwent a temporomandibular joint (TMJ) operation on her jaw in 2003, which left her blind in her right eye, with partial paralysis of the right side of her face, no sensation along her jaw line and impaired hearing in her right ear.
While compiling a case against the surgeon responsible for the operation, Ms McIntosh’s legal team at Anderson Strathern Solicitors hired Geoffrey D Wood, a consultant oral and maxillofacial surgeon, to write a medico-legal report, which he completed in 2005.
However, two years later it emerged Mr Wood had used information from Lisa’s records, without her knowledge or consent, as material for a lecture at the Action against Medical Accidents (AvMA) conference in Glasgow.
Although Mr Wood, based at BUPA Spire Murrayfield Hospital in Wirral, claimed he altered Ms McIntosh’s biographical information to prevent identification, a solicitor from Anderson Strathern had attended the 2007 conference and immediately recognised Lisa’s case.
Ms McIntosh argues that because her case is unique and well-known within the medical profession – hers is the only recorded case in the UK of blindness following TMJ surgery, a fact acknowledged by Mr Wood – she can never be fully anonymised.
Read more on East Lothian Courier.
So you have knowledge of an unusual case that could really be instructive in your teaching or presentations but because it’s so unusual there’s a risk the patient could be identified. This is not the first time I’ve heard of cases like this. Indeed, I’ve had cases like that in my own practice. I wonder whether if Mr. Wood had sought consent initially if he might have obtained it. In my experience, many patients are somewhat altruistic – if they feel their case or misery could help some other patient, they are often willing to share.
But without that consent, can a professional who acquired information in their professional capacity share the information? No. We may make exceptions to copyright for educational use, but patient confidentiality? Not in my practice. And were this case to happen here, I would hope that relevant state and national organizations would hold that this is unacceptable behavior that violates professional ethical and statutory obligations to protect confidentiality.
The issue, as I see it, is not patient “safety” as much as destroying the trust that patients have in their doctors to keep their information confidential. Does the UK not also have that standard? And if it does, why have the relevant agencies seemingly allowed Mr. Wood to continue in his course of conduct?
Update of Dec. 12, 2011: A news story about the case in The Scotsman today has this statement from the doctor involved:
Mr Wood said: “My duty is to take matters of patient confidentiality very seriously.
“I comply with the letter of the law and would not normally disclose a patient’s clinical information without their consent.
“The Information Commissioner’s Office has concluded that . . . I acted in accordance with the Data Protection Act when handling Ms McIntosh’s information.”
So the ICO gave him a pass? Interesting. I would have liked to see the ICO’s explanation as to why this is permissible.
What is her point? If her case was already “unique and well-known” then what part of her confidentiality was compromised in the presentation?
Good question. Plus, when you sue someone, you give up privacy as things come out in public record of case. But does that give him the right to present info he obtained in confidential relationship without her consent? I don’t think so.
This could be a breach of the UK’s Data Protection Act. The expert who wrote the report and reused the data for a conference obtained the information for limited purposes (i.e. writing the report). If the report is accurate, the expert may have breached the requirement not to reuse data for incompatible purposes. Even if he anonymised the data, the DPA still applies if data can identify a person from other information likely to be available; the unique nature of the case would make this possible.
Thank you. I wonder if she has filed a complaint with the ICO.
It most certainly would be considered a breach: http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/personal_data_flowchart_v1_with_preface001.pdf
The entire document deals with what is (and is not) personal data under the DPA, and there are many examples under which the above would be considered personal data — despite the anonymization — including page 20, where the ICO concludes:
“The Directive provides that “personal data shall mean any information relating to an identified or identifiable natural person …; an identifiable person is one who can be identified, directly or indirectly…”.
This definition would suggest that an organisation would be disclosing personal data where it releases information which can be linked to particular individuals. Taking into account the purpose of the Directive this seems a sensible view. It is a view which the Information Tribunal took when deciding whether a local authority should release the addresses of empty properties.
The Tribunal held that releasing such addresses would involve releasing personal data where the properties were owned by individuals.”
(Tangent: section 7.2 has an example of biscuit-making machinery data that could be considered “personal data.” It’s when I read that example that I finally realized the extent and reach of the DPA.)
See the update on the post. What we might think certainly should be a breach was reportedly not the conclusion of the ICO if the surgeon has reported this accurately.
The previous Commissioner told an official enquiry last week that he was glad he hadn’t prosecuted journalists for DP breaches because it would have been really hard and they would have fought him. You might ask what kind of regulator only enforces against people who are willing to go down without a fight?