A rock and a hard place? Ministry of Defence | Defence News | MOD confirms loss of recruitment data

James Cox ukcrypto at chiark.greenend.org.uk
Tue, 19 Feb 2008 00:20:18 +0000 

On 18 Feb 2008, at 23:42, Ian Batten wrote:

>>
>> Again, i emphasise- there are always edge cases - to steal a  
>> computing term - but for the majority of parents with the majority  
>> of kids with the majority of procedures, the parents have the say- 
>> so and that's that.
>
> Your insight boils down to `simple cases are simple'.  No shit.

>> Now, if you _really_ wanted to stymy my argument, you should start  
>> talking about divorced parents with shared (or, worse, unclear)  
>> custody..... :D
>
> Quite so.  And those were the scenarios I had planned for next  
> time.  Throw in parents of different nationalities for extra  
> credit.  My point: ``hard cases are hard''.

Right. So whilst we could dwell on how to solve these hard problems,  
we could also choose to recognize that they have unique complexities  
that can only be figured out in court.

In a vain attempt to get back to the original point: whomever gets to  
be next of kin or guardian ad litem of any person, explicit privacy/ 
confidentiality requests must be obeyed, regardless of relationship.

Whilst the Frasier Guidelines may encourage GPs to convince, sometimes  
forcefully, a minor to consult their parents for contraception; whilst  
Gillick Competency may find an individual of any age able to provide  
consent when it is informed, the patient holds a personal contract of  
agreement with their healthcare providers to not share information  
they may have disclosed to their doctors, and this must be obeyed.

However, when the patient's life is at risk, where another must make  
medical decisions by proxy, and that information is vital to being  
best able to make informed consent, it is the duty of the healthcare  
provider to make an assessment of the risk and reward of disclosing  
that information, obtaining legal advice wherever prudent to do so.  
There is no silver bullet to answer all eventualities; this is tricky  
and complex. Yet there are some natural laws and moral guidance  
doctors can use to help guide them. Parents are considered natural  
guardians of their children, and spouses (often) for their partners.  
Where parents nor spouses exist, the duty of kin falls to the nearest  
relative; a child old enough to take on that responsibility in the  
case of an elderly patient, or a grandparent or uncle/aunt for an  
infant without parents.

In many - most - cases this applies cleanly and smoothly. Only in  
those cases where there is bitter dissent, neglected responsibility or  
simple inability to take that responsibility should the courts step in  
to best determine who holds the best interests for the patient.

Ian (et al), you know all this, so i suspect our argument is moot.  
We're debating semantics with little positive outcome. That said,  
there has been a consistent thread that i want to pick up on: the  
health service's guidance on this appears to rely solely on the  
Fraiser and Gillick cases - grey areas seem to be preferential. I  
think i understand why; it allows for more scope of interpretation  
when the courts do need to step in, however i don't think it's in the  
best interests of the service, which may now be more vulnerable to  
attacks from patients claiming compensation for data exposure. Given  
also the epidemic of exposure from other parts of the government,  
perhaps now is a time for the NHS management teams to re-evaluate how  
it intends to go about protecting data from all parties: malicious  
hackers right through to overwhelming parents.

Best,

James