Patient Confidentiality

Source: Medical Registration Act (Cap. 174); SMC Ethical Code and Ethical Guidelines; Personal Data Protection Act 2012 (PDPA)

Written in plain language for general understanding. This is educational content, not legal advice. Based on Singapore Acts of Parliament, subsidiary legislation, and official government guidance.

Singapore National Law

What is this right?

Your medical information is confidential and cannot be disclosed without your consent, subject to limited exceptions:

  • Doctor-patient confidentiality: The SMC Ethical Code requires doctors to keep patient information confidential. Breach is a disciplinary offence.
  • PDPA: Healthcare organisations are bound by the PDPA — they must obtain consent to collect, use, or disclose your personal health data.
  • National Electronic Health Record (NEHR): Your medical records may be shared between healthcare institutions via the NEHR to improve care coordination — you can opt out of NEHR data sharing.
  • Exceptions: Disclosure without consent is permitted where required by law (e.g., notifiable diseases under the Infectious Diseases Act), by court order, or where there is a serious and imminent threat to life.

When does it apply?

  • You have received medical treatment and are concerned about who has access to your health information.
  • An insurer, employer, or third party is requesting your medical records.

What should you do?

  • Ask what data is being collected and for what purpose — the healthcare provider must inform you.
  • If you want to opt out of NEHR sharing, submit a request at healthhub.sg or an NEHR-participating institution.
  • If your data has been improperly disclosed, file a complaint with the PDPC and/or the SMC.
  • Do not sign blanket consent forms allowing unlimited sharing — be specific about what you authorise.

What should you NOT do?

  • Don't assume your employer has the right to your medical records — they generally do not, unless you consent or it is required by law (e.g., fitness-for-duty assessments).
  • Don't post your own medical records publicly if they contain other people's data (e.g., a doctor's report mentioning family medical history).
  • Don't ignore data breaches — if notified of a breach by a healthcare provider, take steps to protect yourself (monitor for identity fraud, change passwords).
