Last week, the Singapore Medical Council (SMC) fined a psychiatrist $50,000 after he was duped into giving up a patient's information (NUH doc fined for sharing patient's info, March 7).
This was a clear breach of the Personal Data Protection Act, and the SMC penalised him for not taking reasonable steps to verify the caller's identity and giving careful consideration to whether that disclosure would be in breach of his legal obligations and ethical requirements as the patient's doctor.
However, as doctors, our top priority is always our patients' well-being.
Faced with a situation where patients' lives could be in danger, doctors will not hesitate to do everything they can to help them.
Doctors also would not suspect that the people around their patients are harbouring ill intentions, or want to deliberately deceive them for their own purposes. Doctors are here to cure, heal and comfort. They are not IT experts or personal data protection practitioners.
While the Ministry of Health (MOH) and the SMC have a duty to ensure that doctors uphold the highest levels of medical ethics, there has been a disturbing trend of imposing heavy fines on doctors with no ill intentions towards their patients.
This will result in only confusion and anger in the medical fraternity, causing doctors in Singapore to practise defensive medicine to protect themselves.
Rather than brandish the whip, perhaps it is time for the MOH and the SMC to work with doctors, IT security experts and compliance professionals to come up with a recommended fundamental and robust infrastructure and workflow process to help us safeguard patients' confidential information.
By complying with the recommended standards, the chances of a future leak of personal data will be reduced and, at the same time, doctors will be able to practice medicine in a way that benefits their patients.
Siew Tuck Wah (Dr)
