PATIENT CONSENT, CAPACITY &

CONFIDENTIALITY
Wong Hei Yi
18/11/2020
26 October 2022
CONSENT

Photo credit: https://www.nytimes.com/2009/07/30/health/30chen.html

DEFINITION
! “The state of mind of competent persons to the proposed
treatment” (Sidaway v Board of Governors of Bethlem Royal
Hospital [1985] AC87)

! Importance of Consent: any physical contact or intervention

on patients’ body without their approval amounts to an
assault or battery.
IMPORTANCE OF CONSENT
! In the past, the healthcare worker has been perceived as
“expert” and was superior than the lay patient.

! The physician-patient relationship therefore used to be

paternalistic and authoritative in nature.

! However, with the uprising of concept of patients’ right as

well as educational level, the situation has changed.
IMPORTANCE OF CONSENT
! Any physical contact or intervention on patients’ body
without approval amounts to an assault.
ACTION WITHOUT CONSENT
Chatterton v Gerson [1891] QB432

! Facts: Ms. Chatterton had an annoying chronic post-

operative scar. She intended to undergo nerve-block for
pain-relief. Her doctor had NOT informed her the risk of
procedure, i.e. loss of sensation in her leg, which happened.
ACTION WITHOUT CONSENT

! Issue: Was the consent of Ms. Chatterton valid?

! Held: Ms. Chatterton’s consent was valid because she had

agreed to the broad nature of the procedure. Yet, physician
can be sued for battery when the procedure consented to
was completely different from that was carried out.
THE CONSENT PROCESS
! THREE Elements of a Valid Consent
1. Competent and Intact Mind of the Patient
2. Voluntariness
3. Provision of Necessary and Relevant information to
make a reasoned choice
COMPETENT AND INTACT MIND
! Possession of competent mind is the prerequisite of
making reasonable decisions

! However, entirely “normal” mental state is not required

! Autonomy to self-determination is subject to appropriate

degree of mental capacity necessary in the particular
situation

! Mental disorders will not automatically deter the patient

from capacity to decide
COMPETENT AND INTACT MIND
! In common law, there is a rebuttable resumption of
possession of mental capacity for all adults (Re T (Adult:
Refusal of Treatment) [1993] Fam 95)

! While the presumption is endorsed in England under s.1(2)

of Mental Capacity Act 2005, there is no reciprocal
provision in the Mental Health Ordinance (Cap.136) of
Hong Kong
COMPETENT AND INTACT MIND
! It does not matter if one possess a mental condition, as long
as if one can sufficiently understand the nature,
purpose and effect of the treatment, and can weigh and
balance the information to arrive to his own choice (Re C
(Adult: Refusal of Treatment) [1994] 1 WLR 290)

! Principle codified in England - s.3(1) of Mental Capacity Act

2005

! Again, no corresponding legislation in Hong Kong

COMPETENT AND INTACT MIND
! “Doctors should consider whether at the time he had a
capacity which was commensurate with the gravity of the
decision which he purported to make. The more serious the
decision, the greater the capacity required” (Re MB
(Caesarean Section) [1997] 2 FLR 426)
COMPETENT AND INTACT MIND
! To recap, the FOUR elements of intact mind are:
1. Capable to comprehend information explained to him/
her;
2. Able to retain the information for reasoning;
3. Ability to analyze the situation based on the information
provide; and
4. Able to communicate his/her decision
VOLUNTARINESS
! Common Law Test:
! “… is he merely saying it for a quiet life, to satisfy
someone else or because the advice and persuasion to
which he has been subjected is such that he can no
longer think and decide for himself” (Re T (Adult:
Refusal of Treatment) [1993] Fam 95)
VOLUNTARINESS
! Factors to consider when deciding if a consent is
voluntary (U v Centre for Reproductive Medicine
[2002] Lloyd’s Rep Med 259) such as:
! Patient’s level of education;
! Health status; and
! Being in a position of responsibility
that would weigh against an inference of coercion.
PROVISION OF INFORMATION
! “Informed”- Not a necessary requirement in English Law
to provide all relevant information (Sidaway v Board of
Governors of Bethlem Royal Hospital [1985] AC 871]
! There must be provision of all information relevant and
necessary to make an informed choice.
! Inherent and implied in this requirement is adequate
understanding of those presented information by the
consenting patient.
! In other words, it does not mean telling everything – it
simply means those which would affect the decision-
making.
PROVISION OF INFORMATION
! “Sufficient Information”: There must be sufficiency of
information provided so as to enable a reasonable
understanding of the nature of the proposed intervention
in order to reach a considered decision.

! In Chatterton v Gerson [1981] QB 432, the doctor did not

informed the patient the risk of losing sensation in her
limbs that a nerve block operation could result. Justice
Bristow rejected the charge of assault, stating that “in my
judgment once the patient is informed in broad terms of
nature of the procedure which is intended, and gives her
consent, and the consent is real, and the course of action on
which to base a claim for failure to go into risk and
implications is negligence, not trespass.”
PROVISION OF INFORMATION
! However, this position which protects the doctor from
charges of assault when they have failed to obtained a valid
consent is changed.

! See Chester v Afshar [2004] 4 All ER 587 and

Montgomery v Lanarkshaire Health Board [2015]
UKSC 11
PROVISION OF INFORMATION
! “Patient’s opportunity and responsibility to ask for
clarification” – in Sidaway v Board of Governors of
Bethlem Royal Hospital Governors [1985] AC871, Lord
Templeman expressed the view that the entire burden of
communication should not be merely shouldered by the
doctor.

! On the Sidaway standard, a doctor has the duty of deciding

what information should be provided to the patient, and at
the same time patient must also make good use of their
privilege to clarify queries and confusions to enable a
considered decision to be made.
PROVISION OF INFORMATION
! “Opportunity to Cool-down”: Reasonable time should be
allowed for the patient to think over if possible – See 2016
Code of MCHK;

! Chances should be given for discussions with family and

friends, or even for a consultation for second opinion.

! It should be noted that consent is an on-going process,

not just a one-off signature.
THE MEDICAL STANDARD FOR
INFORMATION DISCLOSURE
Sidaway v Board of Governors of Bethlem
Royal Hospital Governors [1985] AC871
! Mrs. Sidaway was suffering from neck pain and
consented to surgical decompression. However, she
was not warned of the less than 1% risk of paraplegia.
The House of Lords rejected the claimant’s lawsuit, on
the ground that consent did not require an elaborate
explanation of remote side effects and complications.
THE MEDICAL STANDARD FOR INFORMATION
DISCLOSURE
Sidaway v Board of Governors of Bethlem
Royal Hospital Governors [1985] AC871
! (cont’d.) Lord Diplock, Bridge and Keith held that the
relevant test in English Law should be medical
standard, a.k.a., the Bolam principle.
! According to Lord Bridge, “a decision on what degree
of disclosure of risks is best calculated to assist a
particular patient to make a rational choice as to
whether or not to undergo a particular treatment
must primarily be a matter of clinical judgment.”
! However, Lord Scarman and Templeman dissented,
arguing the Bolam principle should not be applied to
issue of consent.
THE MEDICAL STANDARD FOR
INFORMATION DISCLOSURE
! As depicted in the Sidaway case, the legal standard
as applied to information disclosure which has long
been accepted was the Bolam medical test, which is
the test for assessing medical negligence in diagnosis
and treatment.
! Essentially, the test was based on “the standard of
the ordinary skilled men exercising and professing
to have that special skill”
! Yet, there is always a debate about the right of a
patient to decide whether to undergo the treatment
recommended by a doctor, even if the decision was
purely subjectively and might seem irrational.
THE CHANGING LANDSCAPE
Chester v Afshar [2004] 4 All ER 587
! Without being informed the 1-2% risk of the operation
going wrong, the claimant was paralyzed following a
back surgery performed by Dr. Afshar.

! The House of Lords, by a split of 3:2, held that the

“but for” test has been satisfied: if the claimant had
been informed of the risks, she would not have
undertaken the operation.
THE CHANGING LANDSCAPE
Chester v Afshar [2004] 4 All ER 587
! (Cont’d.) Lord Steyn emphasized: “A rule requiring a
doctor to abstain from performing an operation
without the informed consent of a patient services two
purposes. It tends to avoid the occurrence of the
particular physical injury the risk of which a patient
is not prepared to accept. It also ensures that due
respect is given to the autonomy and dignity of each
patient.”
THE CHANGING LANDSCAPE
Chester v Afshar [2004] 4 All ER 587
! (Cont’d.) The case sent out a powerful message that
the medical paternalism no longer ruled in case of
medical law, as patient had a prima facie right to be
informed by a surgeon of a small but well-
established risk of serious injury as a result of
surgery
! When later the time comes, the UK Supreme Court
further reinforced the patients’ right in the landmark
case Montgomery v Lanarkshaire Health Board
[2015] UKSC 11
MONTGOMERY V LANARKSHAIRE
HEALTH BOARD [2015] UKSC 11
! Facts:
! Mrs. Montgomery was of short stature. She suffered
from diabetic was she got pregnant, and was worried
to have difficulty with virginal delivery. As diabetics
are known to give rise to big-size babies, the
obstetrician performed US to monitor the foetus’ size
and unfortunately there was indication the baby’s
size was becoming big.
MONTGOMERY V LANARKSHAIRE
HEALTH BOARD [2015] UKSC 11
(Cont’d.)
! Facts:

! Induction of labour was advised and took place at

week 38. The obstetrician did not offer the patient
alternative of caesarean section despite Mrs.
Montgomery expressed her concern of difficult
labour. There was known risk of shoulder dystocia,
a complication due to impaction of shoulders of
baby during its passage through the birth canal, in
the order of around 8%.
MONTGOMERY V LANARKSHAIRE
HEALTH BOARD [2015] UKSC 11
(Cont’d.)
! Facts:

! Mrs. Montgomery went on with virginal delivery

and indeed met with the complication of shoulder
dystocia. There was also difficulty in getting the
baby out causing the baby to suffer from anoxia to
the brain. As a result, the baby suffered from
permanent neurological damage.
MONTGOMERY V LANARKSHAIRE
HEALTH BOARD [2015] UKSC 11
(Cont’d.)
! Issue: Was the obstetrician negligent in failing to
disclose the risk of shoulder dystocia and offer the
alternative of caesarian for her choice?

! Held: The House of Lords unanimously held that the

obstetrician was negligent.
UPDATED STANDARD OF DISCLOSURE
! In Sidaway, a medical practitioner needs to
inform a patient what is considered by the
medical community as to what a patient should
know (i.e. Bolam applied).

! A doctor, unless being asked about any particular

aspects of treatment, provided the usual
information in accordance with the usual school
of medical practice should have fulfilled the
Bolam’s standard.
UPDATED STANDARD OF DISCLOSURE

! After Montgomery, a patient is entitled to the full

information that would be material in his / her choice
and the decision for that choice is the patient’s, not
that of the doctor’s.
TEST OF MATERIALITY
! “… whether, in the circumstances of the particular
case, a reasonable person in the patient’s position
would be likely to attach significance to the risk, or
the doctor is or should reasonably be aware that the
particular patient would be likely to attach
significance to it.” - Montgomery v Lanarkshire Health
Board [2015] AC 1430 [87]
TEST OF MATERIALITY
! “An adult of sound mind is entitled to decide which, if any
of the available forms of treatment to undergo, and her
consent must be obtained before treatment interfering with
her bodily integrity is undertaken. The doctor is under a
duty to take reasonable care to ensure that the patient is
aware of any material risks involved in any
recommended treatment, and of any reasonable
alternative or variant treatments.” - Ibid [87]
TEST OF MATERIALITY
Two elements of the test:
1. Objective Element: the patient is attaching
special significance to the piece of information
objectively;

2. Subjective Element: Doctor is or should be aware

that the patient would attach such significance.
EXEMPTIONS
1. Therapeutic privilege exemption: the doctor
reasonably considers disclosure would be seriously
detrimental to the patient’s health;
2. Necessity: Patient requires treatments urgently but is
unconscious;
3. Patient refuses to discuss the inherent risks.
Ibid – [88] & [85]
POST-MONTGOMERY
! Spencer v Hillingdon Hospital NHS Trust [2015]
EWHC 1058 (QB) – provision of information before
discharge after surgical procedure

! Chan Siu Yim v Dr Cheung Sheung Kin also

know as Dr Samuel Kinneth Cheung [DCPI
1358/2013]
DISCUSSION
! What is the ideal model governing disclosure?

Photo credit: https://www.cartoonstock.com/directory/p/patient_disclosure.asp

SPECIAL ASPECTS OF CONSENT
Implied consent
! Consent inferred from conduct, presence of conduct is
presumed as judged from one’s conduct.
! E.g. patient entering the consultation room /
voluntarily lying down on couch when asked.
! However, it is a presumption rebuttable by contrary
evidence.
! Thus it is only safe to base only the most common and
routine procedures on implied consent.
! Express consent is always necessary for invasive
procedures or procedure carries significant risks.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
! Based on the “doctrine of necessity”, which operates
as a defence for administering non-consensual
treatment where patient is not able to give consent.
! It refers to the commission of an act which is basically
unlawful conduct but is necessary out of expediency
to avoid occurrence of greater harm.
! Applicable when there is a presumption that, had the
patient been capable at the material time, he / she
would give consent because the decision is in his / her
best interest.
! Safe to rest on this doctrine when situations involve
life- or limb-saving emergency treatments.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
Re F (Mental Patient: Sterilization) [1990] 2 AC 1
! A 36-year-old woman, whose mental capacity was only
a 4-year-old child, was a voluntary inmate of a mental
hospital. She was discovered that she had embarked
upon a sexual relationship with a fellow patient. Her
mother and hospital sought a declaration from Court
that it is lawful to perform sterilization on her in
absence of her own consent.
! The Court accepted that it would be in her best
interest for her to be sterilized since other
contraceptive methods were impractical and she would
not be able to care for her own child if she was
pregnant.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
Re F (Mental Patient: Sterilization) [1990] 2 AC 1
! “Upon what principle can medical treatment be
justified when given without consent? We are searching
for a principle upon which, in limited circumstances,
recognition may be given to a need, in the best
interests of the patient, that treatment should be
given to him in circumstances where he is disabled
from consenting to it. It is this criterion of a need which
points to the principle of necessity as providing
justification” – per Lord Goff at para 71.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
Re F (Mental Patient: Sterilization) [1990] 2 AC 1
! However, it must be noted that the principle of
necessity is very limited. Not only must action be
necessary when it is not possible to communicate with
the assisted person, the act must also be such that a
reasonable doctor would take under the circumstances,
in the best interests of the person.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
Further example of the application of the
necessity principle:
! In Devi v West Midlands Regional Health Authority
[1980] CLY 6087, the doctor performed hysterectomy
under a consent of repairing of uterus for a woman who
had given birth to her fourth child, in the belief that it
was in the patient’s best interest to do so. Court held
that the doctor was liable for battery, having regard to
the religious beliefs and cultural background of the
patient (patient was a Sikh: the sterilization was a real
substantial loss to her).
SPECIAL ASPECTS OF CONSENT
Treatment without consent
Further example of the application of the
necessity principle:
! In Marshall v Curry [1933] 3 DLR 260, Court held that
the removal of testicle in order to avoid risk of gangrene
if left behind after a hernia operation to be justifiable.

! However in Murray v McMurchy [1949] 2 DLR 442, a

doctor ligated the patient’s oviduct during caesarean
section because he found fibroid tumors in the uterus
and concerned about subsequent pregnancy. Court held
that the doctor was liable for battery. The Supreme
Court of British Columbia distinguished life
preservation from health preservation as necessity.
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
Hospital Authority v C [2003] 1 HKLRD 507, per
Hartmann J in para 24-30
! The “best interests” of a mentally incapacitated
patient are defined in s.59ZA of (Mental Health)
Ordinance as carrying out of treatment in order to –
! Save the life of the mentally incapacitated person;
! Prevent damage or deterioration to the physical
or mental health and well-being of that person; or
! Bring about an improvement in the physical or
mental health and well-being of that person.”
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
Hospital Authority v C [2003] 1 HKLRD 507, per
Hartmann J in para 24-30
! “The term ‘well-being’ used in the definition is a
broad, inclusive term and, in my judgment, concurs
with the meaning given in the common law to the
‘best interests’ of a patient. In common law, the best
interests of a patient are not limited solely to best
medical interests: see Re MB (supra) at 188. Nor are
best interests limited solely to what is necessary: see
F v West Berkshire Health Authority (supra) at 26…”
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
Hospital Authority v C [2003] 1 HKLRD 507, per
Hartmann J in para 24-30
! (Cont’d.) In seeking the best interests of a patient, Lord
Goff in F v West Berkshire Health Authority (supra) at
27, commented that the doctors must act in
accordance with a responsible and competent
body of professional opinion… Lord Goff went on to
say: ‘…It must surely be good practice to consult
relatives and others who are concerned with the
care of the patient. Sometimes, of course,
consultation with a specialist or specialists will be
required; and in others, especially where the decision
involves more than a purely medical opinion, and
inter-disciplinary team will in practice participate in
the decision.”
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
Hospital Authority v C [2003] 1 HKLRD 507, per
Hartmann J in para 24-30
! (Cont’d.) In Re T (Adult: Refusal of Treatment) [1992]
WLR 782, Lord Donaldson MR spoke plainly of the lack
of legal rights vested in next of kin, very often the
husband: ‘… this is a misconception because the next
of kin has no legal right either to consent or to refuse
consent.’”
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
Hospital Authority v C [2003] 1 HKLRD 507, per
Hartmann J in para 24-30
! (Cont’d.) “this is not to say that it is undesirable
practice if the interests of the patient will not be
adversely affected by any consequential delay. I say
this because contact with the next of kin may reveal
that the patient has made an anticipatory choice
which… would bind the practitioner. Consultation
with the next of kin has a further advantage in that it
may reveal information as to the personal
circumstances of the patient and as to the choice
which the patient might have made, if he or she
had been in a position to make it.”
SPECIAL ASPECTS OF CONSENT
Best Interests of a patient
In summary…
1. If time permits, and if there has not been prior
objection by patient to do so, relatives or next of kin
should be contacted and informed, with the
purpose of maintaining good communication or to
ascertain better understanding of the patient’s own
wishes, but not to seek approval from them.

2. It is also advisable for doctors in emergency who is

solely deciding upon the best interests of a patient
incompetent in the situation to seek concurrence
from a second doctor in order to support the
decision.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
The mentally incompetent
! Pt.IVC of Mental Health Ordinance (Cap. 136) has
a number of provisions aiming at enabling the decision-
making process to be accomplished on the mentally
incompetent adults’ behalf when they are unable to give
consent.
SPECIAL ASPECTS OF CONSENT
Treatment without consent
The mentally incompetent
! E.g. s.59ZG (Application to court) stipulates that “Any

person, including a medical superintendent, registered

medical practitioner or registered dentist, may apply to the
Court for consent to the carrying out of treatment in
respect of a mentally incapacitated person to whom this Part
applies in circumstances where a guardian of that person
appointed under Part IIIA or IVB who has been conferred the
power to consent in a guardianship order under section
44B(1)(d) or 59R(3)(d)—
(a) is, for whatever reason unable or unwilling to
make a decision concerning a request under section
59ZE for his consent to the carrying out of treatment in
respect of that person; or
(b) having failed properly to observe and apply the
principles described in section 59ZB(3), refuses to
give such consent.
CASE DISCUSSIONS - CONSENT
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! Facts: On 7th December 2009, a 33-year-old man
suffering from hemorrhoids visited Dr. Chan, who
advised the patient non-operative treatment. Later,
when the treatment was unsuccessful, Dr. Chan
recommended to surgical options, one conventional
and another a new procedure called PPH.

! Dr. Chan informed the patient that PPH has many

advantages including less pain and post-operative
wound care, shorter recovery and limited risks.
However, he failed to mention two risks associated
with the procedure, namely (i) rectal perforation and
(ii) higher rate of recurrence of internal hemorrhoids.
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! Patient was subsequently admitted to hospital on 23rd
Feb 2010, where he signed to documents: (i)
“Checklist of Possible Common and Important
Complications (General Surgery)” and (ii) “Surgery /
Medical Procedure / Treatment Consent Form” – with
no further information.

! After surgery was performed, the patient experienced

severe abdominal pain and was unable to pass urine.
Dr. Chan was informed and he visited the patient
next morning, but he did not perform any physical
exam before patient was discharge the same day.
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! For the following 2 days, patient still experienced
pain and inability to defecate. He tried to called Dr.
Chan twice but to no avail. He then attended A&E of
a public hospital.

! After discharge he contacted Dr. Chan and was given

advice which did not help his condition. He was
brought to A&E again by ambulance. There, he was
diagnosed to have peritonitis and an emergency
laparotomy was performed, and a large perforation
was found in patient’s rectum. An end colostomy was
performed, along with a second laparotomy, and he
was hospitalized for a month.
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! The patient made an application to the MCHK and
Dr. Chan was charged with:
! Failure to obtain informed consent for the operation;
! Failure to properly examine the patient during the pos-
operative period;
! Failure to properly examine the patient before he was
discharged from hospital; and
! Failure to properly advise the patient after his discharge
from hospital.

! The MCHK judged that Dr. Chan should have

explained to the patient the associated risk of rectal
perforation since it was a known and potentially life-
threatening risk of PPH. The MCHK found Dr. Chan
liable for failing to obtain an informed consent.
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! Dr. Chan appealed to Court for the decision, arguing
that the MCHK has been misled by its Legal Adviser
that Bolam is not relevant. The defense argued that
Bolam test has not been overruled by Chester v
Afshar [2004] – in which duty of disclosure was held
to apply to 1-2 % risk of an operation failure – and Dr.
Chan did not consider the risks of rectal perforation
was so obviously necessary to an informed decision.
CHAN PO SUM V THE MEDICAL COUNCIL OF
HONG KONG CACV103/2013
! Issue: Had the MCHK been misled by its Legal
Adviser on the correct test to be applied in law?

! Held: As per Lord Steyn stated in Chester v Afshar,

“In modern law medical paternalism no longer rules
and a patient has prima facie right to be informed by
a surgeon of a small, but well established, risk of
serious injury as a result of the surgery.” In light of
this statement, the judge held that the Legal Adviser
had not misled the MCHK. And the Council had
conducted itself in accordance with the current state
of law of informed consent. The appeal was therefore
dismissed.
CONFIDENTIALITY
BASIS OF THE DUTY
Medical Ethics
! “Whatever, in the course of my practice, I may see or hear
(even when not invited), whatever I may happen to obtain
knowledge of, if it be not proper to repeat it, I will keep
sacred and secret within my own breast” - The Hippocratic
Oath 500 BC

! “I will respect the secrets that are confided in me, even after
the patient has died” - 1948 modification of the Hippocratic
Oath, 5th Requirement
BASIS OF DUTY
Equity & Common Law
! Prince Albert v Strange (1849) 1 Mac & G 25, 41
ER 1171 – Lord Chancellor granted an injunction to
restrain publication of a catalogue which would
expose details or original etchings of the Plaintiff
based on property right, breach of trust, confidence,
and contract.
BASIS OF DUTY
Human Rights Law
! Campell v MGN Ltd Prince Albert v Strange [2004] 2
AC 457 – “This stems not only from the confidentiality of
the doctor-patient relationship ... As the Euopean Court of
Human Rights put in in Z v Finland 25 EHRR 371,
405-406, para 95: ‘Respecting the confidentiality of health
data is the vital principle in the legal systems of all the
Contracting Parties to the Convention…’ – per Baroness
Hale
REGULATIONS OF LOCAL INSTITUTIONS
Hospital Authority Data Privacy Guideline
1. Patient under care
2. Organization-need-to-know
PERSONAL DATA (PRIVACY) ORDINANCE
(CAP.486)

! In Hong Kong, the ethical requirement of confidentiality

has been codified and supplemented by PD(P)O.

! It prohibits the use of information for any purpose other

than that at the time of collection.

! Restricting subsequent communication of confidential

information to third party.
PERSONAL DATA (PRIVACY) ORDINANCE
(CAP.486)

! Built on the data protection principles (DPPs), which are

found in Schedule 1 of PD(P)O.

! Entire statute consists of 10 parts followed by 6 schedules.

! All parts of the statute are important to healthcare

professionals and institutions, especially Part V which
concerns data access
PERSONAL DATA (PRIVACY) ORDINANCE
(CAP.486)
Key Definitions:
! Personal Data means information which relates to a
living individual and can be used to identify that
individual. It must also exist in a form which access
to or processing of is practicable.

! Data Subject is the individual who is the subject of

the personal data.

! Data User is a person who, either alone or jointly

with other persons, controls the collection,
holding, processing or use of personal data.
PERSONAL DATA (PRIVACY) ORDINANCE
(CAP.486)
Key Definitions:
! Data Processor is a person who processes
personal data on behalf of another person (a
data user), instead of for his/her own purpose(s).
! Data processors are not directly regulated under the
PDPO. Instead, data users are required to, by
contractual or other means, ensure that their data
processors meet the applicable requirements of the
PDPO.
SCHEDULE 1, PD(P)O
DPPs Elaborations

Purpose & Manner of Must be fair, for a relevant and necessary

Data Collection purpose, lawful and not excessive

Accuracy & retention of Accuracy to be ensured, retention of data not be

personal data longer than necessary

Use of personal data Not for purpose other than for which it is
collected unless with further consent
Security of personal data All practical steps taken to ensure protection
against unauthorized access / process / erasure
Information to be As to the data user’s policies and practices
available
Access to personal data Right of data subject to ascertain whether data
user is in hold of his personal data, to request
access, to be address within reasonable time,
make corrections, and be provided with reasons
for rejection
Part Content
1 Standard preliminary provisions of statutes.
2 Establishment of Privacy Commissioner of Personal
Data and his functions & powers.
3 Code of Practice.
4 Data user returns and the register of data users.
5 Access to and correction of personal data.
6 Prohibition of matching and transferral of personal
data outside HK.
6A Use of personal data in direct marketing and provision
of such.
7 Inspection, complains and investigations.
8 Exemptions
9 Offences and compensation
10 Miscellaneous matters
Sections Content
2 Defines “data user” to be person(s) who controls the
collection, holding, processing or use of data, & “data
subject” to be the person who is the subject of data.
4 Data user shall not engage in act contravenes a DPP as
stipulated in Sch.1 of the PD(P)O.
18 Data Access Request (DAR).
19 Requires supply of personal data held to be made
available within 40 days or written explanations to be
provide in case of non-compliance.
20 Grounds for refusal of DAR.
22 Correction of inaccurate data.
26 Erasure of data once no longer required unless
prohibited by law or for public interest.
28 Reasonable fee to be charged of making DAR or
correction.
SIX DATA PROTECTION PRINCIPLES (DPP)

! DPP1: personal data shall only be collected for a

lawful purpose directly related to a function or
activity of the data user. The data collected should
be necessary and adequate but not excessive for
such purpose. The means of collection should be
lawful and fair.
! E.g. Patients should be provided with Personal
Information Collection Statement, clearly stating
the purpose of collecting the data, the classes of
persons to whom the data maybe transferred,
consequences of failing to supply the data, and the
right to access of data.
SIX DATA PROTECTION PRINCIPLES (DPP)
! DPP2: data users are required to take all practicable
steps to ensure that personal data is accurate and is
not kept longer than is necessary for the
fulfillment of the purpose for which the data is used.
! E.g. Policy should be formulated to specify the
period of data retention
SIX DATA PROTECTION PRINCIPLES (DPP)
! DPP3: Unless with express and voluntary
consent from the data subject, the use of personal
data for any new purpose which is not or is unrelated
to the original purpose when collecting the data is
prohibited. A data subject can withdraw his/her
consent previously given by written notice.
! E.g. Under general circumstances, healthcare
workers are not allowed to disclose patient's
personal data to third party without patient’s
expressed consent.
SIX DATA PROTECTION PRINCIPLES (DPP)
! DPP4: data users are required to take all practicable
steps to protect the personal data they hold against
unauthorized or accidental access, processing,
erasure, loss or use.
! E.g. Patient’s medical record should be kept
securely. It should be ensured that people who are
unauthorized do not have access to the record, and
there are measures to prevent improper
disclosures or amendment.
SIX DATA PROTECTION PRINCIPLES (DPP)
! DPP5: data users are obliged to take all practicable
steps to ensure openness of their personal data
policies and practices, the kind of personal data held
and the main purposes for holding it.
! E.g. Privacy Policy Statement should be provide to
patients, stating the kind of personal data held,
purposes of using the personal data, and the
practices in place.
SIX DATA PROTECTION PRINCIPLES (DPP)
! DPP6: data subjects have the right to request
access to and correction of their own personal
data. A data user should give reasons when refusing
a data subject’s request to access to or correction of
his/her personal data.
! E.g. Patients have the right to apply hospitals and
to be informed by the same whether their personal
data are being held and be supplied with a copy of
such data. If data cannot be supplied within time
frame data subject should be provided with
legitimate reasons.
PERSONAL DATA (PRIVACY) ORDINANCE
(CAP.486)
Criminal offenses stipulated by PD(P)O (Cap. 486)
! https://www.pcpd.org.hk/misc/files/table2_e.pdf
RESOURCES SPECIFIC FOR HEALTHCARE
INDUSTRY BY PRIVACY COMMISSIONER
FOR PERSONAL DATA (PCPD)

Pamphlet for Hospital Authority:

! https://www.pcpd.org.hk/english/
resources_centre/industry_specific/files/
HAleaflet_e.pdf

Self-training Module on Protection of Personal

Data for Medical Practitioners
! https://www.pcpd.org.hk/misc/medical/index.html
WHEN IS DISCLOSURE SAFE
! Disclosure based on patient’s own consent;

! Disclosure as required by statute (but no

statutory basis for police to demand disclosure of
clinical records);

! Public interest in disclosure is prevailing.

CONCERNED RELATIVES AND FRIENDS
! Medical service provider has no right to release
information to relatives and friends unless with
patient’s consent

! Disclosure without prior consent would expose

practitioner to liability
CONCERNED RELATIVES AND FRIENDS
ABC v St George’s Health Care NHS Foundation
Trust [2015] PIQR P18
! Facts: Claimant’s father was convicted of manslaughter of
the claimant’s mother and was under hospital and
restriction order. He was diagnosed of suffering from
Huntington’s disease. He withheld the diagnosis from her
pregnant daughter. After the baby was born, the claimant
daughter was diagnosed with the same disease. She
contended that had she known about her father’s condition
during pregnancy should would have undergone tests and
terminate her pregnancy if necessary. The claimant alleged
the doctors concerned for breaching their duty of care
towards her.
CONCERNED RELATIVES AND FRIENDS

! Issue: Have the doctors concerned breach their duty?

! Held: It was not fair, just or reasonable to impose a duty of

care on a clinician which required him to inform a pregnant
relative of his patient about the patient’s diagnosis.
DISCLOSURE AS REQUIRED BY THE LAW
! Occupational Safety and Health Ordinance
(Cap.509) imposes a statutory duty on medical
practitioner to report to Commissioner of Labour
when findings suggests presence of occupational
disease listed in Sch.2 of Ordinance;

! Prevention and Control of Disease Ordinance

(Cap.599) – obliged to report some 48 infectious
diseases specified in Sch.1
DISCLOSURE AS REQUIRED BY THE LAW
! Termination of Pregnancy Regulations (Cap.
212A, Sub.Leg) reg.4 (notice of termination of
pregnancy) imposes requirement for medical
practitioner to notify the Director of Health by
completing Form 3 within 3 days after termination.
DISCLOSURE AS REQUIRED BY THE LAW
! Requests from Court – Only Court can order the
disclosure of medical records in the absence of consent

! Expert opinion – Failure by medical service

provider to comply with the request for a report or
supply medical details, Court will issue a witness
summons to require the doctor’s presence to give
evidence
POLICE INVESTIGATIONS
! There is no legal basis for the authority of the police force
to demand the submission of medical reports in the first
place in absence of consent from patients

! It is prudent to always check if the warrant empowers the

seizure of patient’s records and related articles

! Confidentiality of medical records has priority over

prevention and investigation of crime (R v Cardiff Crown
Court, exp Kellam (1993) 16 BMLR 76)
WHAT AMOUNTS TO “PUBLIC
INTERESTS”?

! Public “interests” from public curiosity is not genuine

public interests!

! Campbell v MGN Ltd [2004] 2 AC 457 – The Daily

Mirror published the photographs together with
certain details of drug addict treatment of famous
model Naomi Campbell after her denial of being a drug
addict. Despite Court accepted that the newspaper was
justified in correcting a public lie the Plaintiff made,
the House by a bare majority held Defendant liable on
the basis that Plaintiff’s right to privacy outweighed
Defendant’s freedom of expression
WHAT AMOUNTS TO “PUBLIC
INTERESTS”?

! Douglas v Hello! Ltd [2008] 1 AC 1 – Court held that the

celebrity Plaintiff’s wedding photos were confidential even
the right to publish has been assigned by contractual
agreement to the Defendant magazine.

! HRH Prince of Wales v Associated Newspaper Ltd

[2006] EWHC 11 (Ch) – CA rejected the newspaper’s claim
that the extracts of private dairy of Prince Charles stolen by
former palace employee was of public interests.
PUBLIC INTEREST
! Basically, there is no legal duty for a doctor to
assist the police if he feels uncomfortable to
answer their questions concerning his patients.

! What he must do is to refrain from giving

false or misleading information.
PUBLIC INTEREST
W v Egdell [1990] Ch 359
! Facts: W, a dangerous prisoner in detention in a
secured hospital for murder and severe wounding
offences applied to be transferred out. His
psychiatrist Dr. Egdell assessed him to be unfit for
released.
! While W’s solicitors did not disclosed the report as it
was not in their client’s interests, Egdell informed the
Home Office.
! The prisoner brought an action for breach of
confidence.
PUBLIC INTEREST
! Issue: Was Dr. Egdell’s breach of confidentiality justifiable?

! Held: Court of Appeal unanimously held dismissed the

appeal.
! Yet, it was emphasized that it was for the Court, not
the doctor, to decided whether the disclosure was in
breach.
! Also, it is only under most compelling circumstances
could justify a doctors acting in contrary to the patient's
perceived interests in absence of consent.
PUBLIC INTEREST - THE DECISION-MAKING
TEST

! Step 1: whether the public would be at

significant risk if the information were not
disclosed?

! Step 2: how the doctor-patient relationship

would be affected if disclosure is made?

! Step 3: Which of these is the most significant

risk?
PUBLIC INTEREST - THE DECISION-
MAKING TEST
! If disclosure is considered necessary: -
! Patient should be informed of the steps taken if it is
safe to do so;
! Document and record reasons for the actions and
decisions taken;
! Be prepared to be able to justify the decision in Court
if a subsequent complaint is filed.
PATIENT’S REMEDIES
! File a complaint to: -
! the practitioner;
! the institution concerned;
! the appropriate professional regulatory body.
PATIENT’S REMEDIES
! Report the case to the Privacy Commissioner of Personal
Data:
! Commissioner could take up investigation and, if system
faults are evident, arrange mediation to allow for breach
to be remedied;
! Provision in the PD(P)O also empowers the
Commissioner to issue an enforcement notice on the data
user concerned to rectify any incompliance with the
statute;
! Person or respective data user could be charged with
offence if breach falls within ss.64 or 64A.
PATIENT’S REMEDIES
! Initiate civil action and claim for damages in tort of
negligence (include injury of feelings).
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
! The Electronic Health Record Sharing System
(eHRSS) provides health records in electronic
format that contain health-related data of
individuals.
! eHRSS provides an efficient platform for healthcare
providers to upload and access an individual’s health-
related data.
! Participation in eHR sharing is voluntary. With an
individual’s sharing consent, healthcare providers
may access the individual’s eHR for healthcare
purpose.
! The first stage of the eHR Programme aims to set up
the eHR sharing platform for connection among
public and private hospitals, clinics,
laboratories and radiological examination
centres to connect to the eHR sharing platform.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)

eHRSS is implemented with the following objectives:

! Improve efficiency and quality of care: by providing
healthcare providers with timely access to comprehensive
medical information of patients, and enhancing cost-
efficiency by minimizing duplicate investigations.

! Improve continuity and integration of care: by

providing healthcare providers with access to lifelong
health records of patients for holistic care and facilitating
referral and follow-up of cases between different levels of
care.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)

! Enhance disease surveillance: by allowing prompt

provision of data for disease surveillance and by facilitating
the compilation of health statistics to support policy
formulation and public health research.

! Redress public-private imbalance: by facilitating other

public-private partnership in healthcare and at individual
level, by enabling patient to choose freely between public
and private services without worrying about the transfer of
medical records.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)

What information does eHRSS contains?

! Only data within the sharable scope will be shared in
eHRSS.

! The scope of sharable data will be reviewed and updated

from time to time. The joining and sharing consent given
will remain valid for any changes in sharable scope.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)

The current scope of sharable data includes the following:

! Personal Identification and Demographic Data (including
name, date of birth and identity document number etc.)
! Allergies and Adverse Drug Reactions

! Diagnosis, Procedures & Medication

! Encounters / Appointments (i.e. summary of appointments /
bookings)
! Clinical Note / Summary (i.e. Discharge Summary)
! Birth and Immunization Records
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)

(Cont’d):
! Laboratory and Radiology Reports

! Other Investigation Reports

! Healthcare Referrals

! The latest scope and details are published in the website

of eHRSS.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
Sharable scope
! Sharable scope is defined based on clinical need and
data readiness in respective healthcare providers’
computer medical systems. Sharing of such data
within the sharable scope should be essential for
providing healthcare to the patients.

! It was defined in the Domain Groups established

under the Steering Committee on Electronic
Health Record Sharing (電子健康紀錄互通督導委員
會專案小組) in Electronic Health Record Office
(eHR Office) (可互通資料由電子健康紀錄統籌處).
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
Types of Consent
! The Indefinite Sharing Consent will remain
valid from the date of indication until it is revoked
by the patient, or the registration of the patient with
eHRSS is withdrawn / cancelled (such as on the death
of the patient), whichever is earlier.

! The One-year Sharing Consent is valid for one

year from the date of indication, unless it is revoked
by the patient, or the registration of the patient with
eHRSS is withdrawn / cancelled (such as on the death
of the patient), during the one-year term.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
Protection of Data Privacy
Legal Aspect
! Apart from the existing PDPO (Cap 486), the
Electronic Health Record Sharing System
Ordinance (Cap 625) (eHRSSO) has also been
enacted.

! eHRSSO has prescribed the use of eHR, the mechanism

to give or withdraw "sharing consent" to individual
healthcare providers and the "need-to-know" principle;
and specific sanctions were imposed in respect of non-
compliance of certain requirements or security breaches
and using eHR for direct marketing purposes.
ELECTRONIC HEALTH RECORD
SHARING SYSTEM (EHRSS)
Protection of Data Privacy
Technical Aspect
! security policies and control procedures have been developed,
and appropriate technologies and measures have been
employed (e.g. authentication of patient’s identity, validation
of healthcare professionals registration, firewall, anti-virus
software, data encryption and access control, record and
notification) to protect the system.

Operational / Workflow Aspect

! established Code of Practice, Conditions of Registration,
Participant Information Notice, Procedures and Guidelines
with recommendations to users in using eHRSS.
ELECTRONIC HEALTH RECORD SHARING
SYSTEM ORDINANCE (CAP 625) (EHRSSO)
Purpose
! It provides for the establishment of the Electronic
Health Record Sharing System (eHRSS).
! It provides legal basis for sharing and using of data
and information contained in the System.
! It sets out legal requirements for protection of the
System, data and information.
 ELECTRONIC HEALTH RECORD SHARING
SYSTEM ORDINANCE (CAP 625) (EHRSSO)
Relationship with PDPO
! PDPO is applicable for personal data contained in eHRSS.

! Definition of "minor”: person below 16 years of age in

eHRSSO, versus under 18 years of age under PDPO.

! When the healthcare provider that is under data correction

request is unable to comply with requirements under PDPO,
eHRSSO authorizes the Commissioner for the Electronic
Health Record (eHRC) to annex a note to the relevant record
in the system.
ELECTRONIC HEALTH RECORD SHARING
SYSTEM ORDINANCE (CAP 625) (EHRSSO)
Offence
A person commits an offence if he/she:
! Knowingly obtains unauthorized access to, damage or modify
data or information contained in an eHR;
! Knowingly impairs operation of eHRSS;
! Evades a data access request or data correction request by
altering, falsifying or destroying the data or information
contained in an eHR;
! Knowingly makes an untrue statement to enable the person
to give a joining consent or sharing consent;
! Knowingly contravenes a condition for research or statistics;
! Uses another person’s data or information contained in an
eHR or a copy for direct marketing.
REFERENCES
! Wai, A., Wong, D., Joynt, G., Cheung, R. (2016). Medical
Law and Ethics in Hong Kong. Sweet & Maxwell.

! The Official Website of the Office of the Privacy

Commissioner for Personal Data, Hong Kong: https://
www.pcpd.org.hk/

! The Official Website of the Electronic Health Record

Sharing System: https://www.ehealth.gov.hk/en/home/
index.html