The duty of a practitioner to warn clients and third parties of risks has evolved over the past three decades. It may soon evolve, at least in some professions, to a duty to warn clients, affected third parties and the regulator of any significant errors made by the practitioner.

There probably has always been a duty to warn clients of any material fact that poses a significant risk of harm to them. For example, an engineer who learns that a material used in construction of a safety sensitive structure (e.g., bridge, dam) is well below specifications and poses a risk of catastrophe would warn clients of past projects of this development. However, there has been an expansion in recent years as to whom such warnings ought to be given and at what level of risk of harm such a warning should be given.

Duty to Warn Third Parties

The famous California case of Tarasoff v. Regents of University of California, 551 P.2d 334 (1976, Sup.Ct.Cal.) is perhaps the starting point for the modern debate on this issue. In Tarasoff, a psychologist was advised by a client of an intent to kill or severely injure third parties. The client’s statement was credible and the client had the means to carry out the threat. The court ruled that despite the strong duty of confidentiality, the risk to the third parties in these circumstances created a duty to warn them of the risk.

Since then there has been a developing general acceptance of a duty to warn third parties of a credible risk of death or serious injury. In Smith v. Jones, [1999] 1 S.C.R. 455, Canada’s highest court indicated that this duty to warn can even overcome the solicitor and client privilege, the strongest duty of confidentiality protected by law.

Mandatory Reporting Obligations

Along with this duty to warn third parties of significant risks to life or safety, there has emerged a duty to make mandatory reports to regulators of certain key events. Perhaps the best known mandatory reporting obligation relates to child abuse or neglect. These duties of mandatory reporting vary from profession to profession. Typically they involve a duty to report to the regulator serious concerns relating to sexual abuse, incompetence, incapacity, or where third parties are at risk of significant physical or economic harm. Sometimes these mandatory reporting obligations are more general, constituting a duty to intervene (e.g., with employers or others who can effectively address the threat) rather than having to report to the regulator directly.

Disclosure of Harm

In the spring of 2003, the College of Physicians and Surgeons of Ontario published a policy indicating that physicians have a duty to disclose harm that occurred during a patient’s care. The disclosure needs to be made even where a complaint or civil claim might result. The policy says:

Harm is defined broadly as an unexpected or normally avoidable outcome that negatively affects the patient's health and/or quality of life, which occurs (or occurred) in the course of health care treatment and is not due directly to the patient's illness.

The precise duty is worded as follows:

When a physician becomes aware, while treating a patient, that the patient has suffered harm in the course of receiving health care, he or she should consider whether the harm does or can be reasonably expected to negatively affect the patient's health and/or quality of life. If it does, then it is the physician's obligation to inform the patient about the harm sustained.

Similar requirements are being actively considered by other regulators.

Recent Developments in Privacy Law

This expansion of the duty to warn is being reinforced by recent developments in privacy law. In particular, a principle has been developing that individuals ought to be informed if there has been a breach of security involving their personal information. This disclosure duty arises from their ability to control their personal information and in order to permit the individuals to protect themselves.

On December 18, 2003, the Ontario government introduced Bill 31, the Health Information Protection Act, 2003. Subsection 12(2) of the Bill contains the following novel provision:

Notice of loss, etc.
(2) A health information custodian that has custody or control of personal health information about an individual shall notify the individual at the first reasonable opportunity if the information is stolen, lost, or accessed by unauthorized persons.

The Ontario Information and Privacy Commissioner lost no time in indicating that this notification should not be restricted to health information. She has indicated that this provision reflects a best practice in privacy protection. Where there is a breach of security involving personal information, she recommends that steps be taken to immediately contain the damage and prevent a reoccurrence or similar breach, that the privacy oversight body (such as her office) be notified of the breach and that the individuals whose privacy was breached are notified so that they may take appropriate action to protect themselves from unwanted consequences, such as potential identify theft.

Conclusion

Regulators should review their duty to warn provisions for their particular profession to ensure that they still reflect current professional and societal values. The trend seems to be to expand the duty to warn beyond a risk of death or serious injury to include economic risks and practitioner error. In addition, the duty may also be expanding to include disclosure to the regulator as well as to the third party at risk.

FOR MORE INFORMATION

This newsletter is published by Steinecke Maciura LeBlanc, a law firm practising in the field of professional regulation. If you are not receiving a copy and would like one, please contact: Richard Steinecke, Steinecke Maciura LeBlanc, 401 Bay Street, Suite 2308, P.O. Box 23, Toronto, ON  M5H 2Y4, Telephone: 416-626-6897 Facsimile: 416-593-7867, E-Mail: rsteinecke@sml-law.com

WANT TO REPRINT AN ARTICLE

A number of readers have asked to reprint articles in their own newsletters. Our policy is that readers may reprint an article as long as credit is given to both the newsletter and the firm. Please send us a copy of the issue of the newsletter which contains a reprint from Grey Areas.