Breach of professional secrecy

In European legal systems, the unauthorized disclosure or use of information covered by professional secrecy may constitute a criminal offense.

Professional secrecy applies to all information obtained in the course of performing a role or profession that requires trust, whether in the healthcare, legal, administrative, or technical fields.

Two legal interests are protected.
On the one hand, the confidentiality of the individual.
On the other hand, the proper functioning of relationships based on trust.

In essence, the conduct may consist of:

• Disclosing to third parties confidential information obtained in the course of professional activities;
• The use of such information for purposes other than those for which it was obtained;
• The improper disclosure of data subject to a confidentiality obligation;
• Making available information that the individual has not chosen to make public.

It is not necessary for the information to be publicly disseminated.
It is sufficient for it to be disclosed to unauthorized parties.

The role of professional position

A breach of professional secrecy does not only concern the content of the information, but also the manner in which it is obtained.

The information is accessible precisely because there is a relationship of trust or a position of authority.

It is this position that makes the conduct relevant.

Without that role, the information would not be available.

Information disclosed in the course of a professional relationship may also concern other individuals: family members, acquaintances, colleagues.

Direct contact with such individuals, based on information obtained in that context and without consent, may constitute a breach of professional confidentiality.

In these cases, it is not just content that is disclosed, but a network of relationships acquired within a protected setting is exploited.

When such contacts are used to report or misrepresent information about the patient, the conduct may also be relevant in terms of defamation.

From access to disclosure

Protected information may be:

• Disclosed directly to third parties;
• Used to influence decisions or behaviors;
• Integrated into other actions, even without explicit dissemination.

Therefore, a breach can also occur without public dissemination, through targeted communications or indirect uses.

From incident to pattern

In isolation, a breach may appear to be an improper disclosure or mishandling of confidential data.

In a coordinated context, it can serve a broader purpose.

It can contribute to:

• Transferring sensitive information between different parties;
• Anticipating the actions or decisions of the data subject;
• Supporting other forms of conduct through data that is not publicly accessible;
• Reinforcing versions of events based on confidential information.

In these cases, the information is not only protected but also becomes strategic.

Connection to other offenses

Breaches of professional secrecy may be linked to other criminal conduct:

• Invasion of privacy, when it involves personal data;
• Defamation, when information is disseminated to damage a person’s reputation;
• Blackmail, when the information is used to exert pressure;
• Fraud, when the information is used to obtain an advantage;
• Criminal association, when confidential information is shared or used by multiple parties in a coordinated manner.

These connections do not alter the autonomous nature of the offense, but they do highlight its potential integration into more complex dynamics.

In European legal systems, the breach of professional secrecy is recognized as an offense that protects confidentiality in relationships based on trust.

When part of a coordinated effort, it can serve an additional purpose: not only to disclose information, but to upset the balance between the parties based on that confidentiality.