Patients must be able to trust that what they discuss with their doctor is not simply shared with others.
That trust is at the core of medical care. That is why every doctor is legally obliged to adhere to professional secrecy.
Yet it happens that medical data is shared incorrectly - with family members, employers, insurers or other authorities. In this blog we explain what professional secrecy entails, when a doctor may share information, and what you can do if your privacy has been violated.
What does professional secrecy entail?
Professional secrecy means that a doctor may not share information about a patient with third parties, unless permission has been given or a legal exception applies.
This obligation is laid down in:
the Medical Treatment Agreement Act (WGBO), and
the Act on the Professions in Individual Healthcare (BIG Act).
Professional secrecy applies not only to doctors, but also to:
nurses, physiotherapists and psychologists;
dentists, specialists and other healthcare providers;
and anyone who has professional access to medical data, such as doctor's assistants and administrative staff.
In short: everything a patient says, everything that is examined and everything that is in the file is covered by professional secrecy.
Why does it exist? professional secrecy?
Professional secrecy is intended to protect the confidence between doctor and patient.
Without that trust, many people would be reluctant to talk openly about their complaints, fears or history.
Professional secrecy therefore has a double function:
Protection of the patient's privacy, and
Promotion of good care.
A doctor may only provide good care if the patient dares to be completely honest — and this is only possible when medical information remains confidential.
When is a doctor allowed to share information?
In principle, a doctor may not share anything without permission.
But there are exceptions in which sharing information may be justified or even mandatory.
The most important exceptions are:
Consent from the patient
If the patient gives explicit permission to share certain data (for example with a partner or treating specialist), this is allowed.
This permission must be voluntary, specific and informed.Legal obligation
In some cases, a doctor is legally obliged to provide information, for example:to the GGD at notifiable infectious diseases;
to the police or judiciary by a court order;
to insurers for certain medico-legal examinations, provided that the patient has given permission for this.
Compelling interest
In rare situations, a doctor may break professional secrecy if there is a important social interest, such as the prevention of serious danger to others.
This is only allowed if there is no other way to avert that danger.
In such a case, a doctor must always be able to explain why he has breached his duty of confidentiality - and carefully record that decision.
When is there a violation of professional secrecy?
A violation occurs if a doctor shares information without a legal basis or permission from the doctor. patient.
This may include, for example:
passing on medical information to the employer;
discussing your situation with family members without permission;
sharing information with an insurer or municipality without your knowledge;
unsecured sending of medical information by e-mail;
or unauthorized persons viewing your file staff.
Such a violation is not only an invasion of your privacy, but can also lead to disciplinary, civil and criminal consequences for the doctor.
Consequences for the doctor in the event of a violation
A doctor who violates his professional confidentiality may face:
a
(such as a warning, reprimand or even removal from the BIG register); liability for damages, if you have suffered damage as a result of the violation;
and in exceptional cases even criminal prosecution.
A patient can also complain to the hospital, the complaints committee or the Dutch Data Protection Authority (AP).
What can you do in the event of a breach of your professional confidentiality?
If you suspect that your medical data has been wrongly shared, you can take the following steps:
Ask the doctor or healthcare institution for an explanation
First ask your doctor or institution what exactly happened and why your data was shared.
Sometimes it turns out that there was permission or that there was a legal obligation.Request access to your file
You have the right to inspect your medical file. This can show who had access and what data was provided.
Read more about this in our blog Medical file: access, copy and correction.Submit a complaint to the healthcare provider
Every healthcare institution is obliged to have a complaints procedure. You can indicate in writing what you think went wrong.Submit a complaint to the Dutch Data Protection Authority (AP)
If your medical data has been shared without a lawful basis, you can file a complaint with the AP for violation of the GDPR (privacy legislation).Involve a lawyer
If damage has occurred - for example emotional damage or damage to reputation - you can consider asking the doctor or institution liable.
Evidence in the event of a breach of professional secrecy
In many cases it is difficult to prove that your data has actually been shared.
A lawyer can help by:
demanding access to log files on the basis of the GDPR or WGBO (who has viewed your file?);
testifying
and to legally analyze the correspondence with healthcare providers.
At Arslan Advocaten we support patients in collecting this evidence and in drawing up a formal liability claim.
The relationship with medical liability
A violation of professional secrecy can in itself be a ground for compensation, but also often plays a role within broader medical liability cases.
For example:
when confidential information has been shared with an insurer during an ongoing personal injury case;
or when medical data has been used without permission in a legal procedure.
In such situations there may be both a violation of the privacy rights as a medical error.
You can read more about this in our blog Medical liability: when is a doctor or hospital liable?.
Why legal help is important
Breach of professional secrecy is legally complex and affects both health law and privacy law.
At Arslan Advocaten we assess whether an unlawful act has occurred and we help you obtain evidence, and we will recover any damage from the responsible party.
Our help is free of charge for victims, because the costs are recovered from the liable party.
Why choose Arslan Advocaten?
Specialized in medical liability and health law
Expert in privacy and professional secrecy matters
Help with complaints, damage claims and gathering evidence
Free legal assistance for victims
We ensure that your medical privacy is protected – and that violations do not go without consequences.