This session will explore the long‑standing question of how doctors and nurses approach decisions about sharing confidential patient information in the public interest. Not because they are unsure of their duties, far from it, but because the situations they face are often complex, fast‑moving, and rarely as tidy as the policy documents would like them to be.
We’ll start with the Common Law Duty of Confidentiality, looking at what it means in real‑world practice and how doctors and nurses balance patient trust with concerns about safety and potential harm. We’ll also touch on the nuances around proportionality, minimal disclosure, and the particular care required when supporting capable young people or managing information relating to patients who have died.
From there, we’ll navigate the legislative landscape; Data Protection law (frequently misunderstood, occasionally blamed, but genuinely helpful), the mechanisms available in emergencies and research, and the statutory safeguards that guide when information can be shared, and when it absolutely shouldn’t be.
We’ll finish by examining professional guidance from national bodies, which provides structure, reassurance, and practical support for those making these difficult calls.
Overall, the session will outline the key legal, ethical, and practical considerations clinicians may draw upon, not to judge their decisions, but to support them.
You can read Andrew’s article Medical privacy: Aligning the need to breach patient confidentiality with data protection in the public interest at the bottom of this page.
Speakers
Andrew Harvey, Joint Head of Information Governance | Data Protection Officer (GSTT and KCH), Information Governance and Management, Guy's & St Thomas' Hospital NHS Foundation Trust
Since 2005 Andrew Harvey led Information Governance, Data Protection and related process across a host of healthcare organisations in the NHS as well as the private and health tech sectors. He champions the idea that these disciplines aren’t about saying no, but about getting yes right.
Since October 2025, Andrew has served as Joint Head of Information Governance and Data Protection Officer at Guy’s & St Thomas’ and King’s College Hospital NHS Foundation Trusts.
His work focuses on Data Protection, organisational resilience, and helping teams build trust, innovate safely, and stay steady under pressure.
With an LLM in Information Rights Law and a portfolio of professional qualifications, including the Open Data Institute’s Data Ethics Professional, Andrew blends academic insight with practical leadership to navigate complex compliance challenges.
At heart, he believes governance should empower people, unlock opportunities, and support better care, never simply exist for box‑ticking.
Chair: Chair Dr. Kay Achenbach, Head of the Data Ethics Professional course, the ODI
As Senior Learning Specialist and Head of Data Ethics at the Open Data Institute, Kay delivers data literacy training to hundreds of learners each year across the public and private sector, including the UK Civil Service. She leads the delivery of Data Ethics Professionals and works directly with organisations to embed data ethics into workflows and projects. Kay has a background in geophysical research and worked for over a decade in secondary schools prior to joining the ODI.