Skip to main content

Access to patient records and safeguarding

What general practice staff should know

We are providing patients using the NHS Wales App the ability to access their GP health records, up to their detailed coded GP health records. (This is exactly the same as My Health Online).

Practices should already have Summary Care Records (SCRs) enabled for all patients as standard. This is shown in the practice global settings, or EMAS Manager.

Implementing detailed coded medical access

GP practices are encouraged to promote and offer patient access through the App to information from their detailed coded records (DCRs). The practice should have a process in place for handling DCR requests.

Some points to consider include:

  • whether you should give online access to a patient who requests access – and what level of access to give them
  • who should make the decision to give access – for example, a clinician or a suitably trained non-clinician with some support
  • whether different patients may need different levels of access (or none)
  • how to explain any access decisions to patients in a non-discriminatory way

Considerations for DCR access

When switching on Investigations at a Patient level, be mindful of the way results are displayed to patients within their account.

Due to the way these are managed in the clinical system, a delay of 72 hours is in place before results are visible via the App, giving a Practice time to process and file laboratory results. All remaining configurable options can be considered for activation including:

  • Problems
  • Diagnosis
  • Medications
  • Risks and warnings
  • Procedures
  • Investigations
  • Examinations
  • Events and recalls

Practice staff should be aware:

  • that patients will see new information once it is entered, or filed, onto their record in the clinical system
  • of how to manage this as a change to your workflow
  • of how to ensure that sensitive information is redacted (make invisible from patient view) as it is entered onto the clinical system
  • that there will be rare circumstances where it could be inappropriate to give a patient access to their record

If your practice uses EMIS, your staff should also be aware that:

  • patient access will include letters and documents (if not redacted)
  • patients will see new entries in their GP record
  • this change will not give new access to historic, or past, health record information, unless this is individually authorised by their GP practice

NHS Wales recommends that documents and any option capable of displaying free text should not be activated at a Practice or Patient level at this time. All remaining configurable options can be considered for activation at a Practice and Patient Level.

Safeguarding and managing inappropriate use

While enabling patients to view their medical records through the NHS Wales App will be beneficial to most patients, there may be challenges for a minority, particularly where access to information could cause serious mental or physical harm to the patient or a third party.

The importance of safeguarding patients or any third party who may be affected by making information available from any harm is paramount. It may be appropriate to redact specific information entered into the GP medical record or prevent the patient from having access.

Vulnerable and at-risk patients

A vulnerable patient’s record may contain information that may cause them physical or mental harm and the patient must not see.

In some circumstances there may be safeguarding plans in place and known to the practice. You should consider switching off access to parts of the record where you consider a patient vulnerable to coercion, where giving access to the record to them is likely to cause harm to their physical or mental health or that of others. This functionality already exists in general practice systems.

There may be other circumstances where, in the opinion of the GP practice, access to information from detailed coded records would not be in the patient's best interest.

For example:

  • it may cause serious harm to the physical or mental health of the patient or someone else
  • the record has information about someone who has not consented to its disclosure
  • there is information in a free text field that you cannot separate or redact from the rest of the detailed coded record
  • the patient cancels appointments they need, such as if they have dementia (appointments can be cancelled through the App even if they were booked offline)
  • the patient is at risk of coercion through online access

Sensitive information

Certain sensitive situations may require a more considered approach to access. Some information can be considered particularly sensitive.

Here are some examples:

  • fertility treatment
  • alcohol and drug misuse/abuse
  • criminal activity
  • gender and sexuality
  • mental health

Patient login and online access

As the NHS Wales App uses NHS login, most patients can get access to the GP online services available through the App without the practice having any involvement.

If patients do not already have a GP online services account, when they create one online, they will get the practice's default level of access to these services. Generally, that means they can book appointments and request repeat prescriptions as well as their Summary Care Record.

Guidance on coercion and other considerations can be found in RCGP guidance on GP online services

Stop patients accessing services

To prevent a patient from having access to the default services, you will need to adjust the settings within their patient record online services details in your clinical system.

If you need to revoke patient access to appointment booking or record access, it is important to do it within the individual patient's online account settings. If you simply delete their whole online access account, a new one will automatically be created the next time they use the NHS Wales App.

Discussing limited or no access with the patient

You may be concerned about conflict with a patient when you make the decision to restrict or deny their access.

Where a patient is refused access or given significantly restricted access, consider whether a face-to-face discussion between the clinician and the patient is necessary. Early involvement and transparency with the patient can help to avoid conflict and complaints.

Further guidance

In response to safeguarding concerns, the Royal College of General Practitioners is updating its GP Online Services toolkit, in collaboration with safeguarding experts. This will cover situations where concerns may arise, and the steps clinicians could take to mitigate these risks.

Protecting and processing patient data

The GP Practice will be the Controller of Personal Data processed in relation to the delivery of GP services provided by the NHS Wales App within the meaning of the UK General Data Protection Regulation and the Data Protection Act 2018. The practice will therefore have overall responsibility for ensuring that all data processing is undertaken in accordance with the Act.

Policies and procedures used by the GP practice for offering patients access to their Detailed Coded Medical Record should be approved by the Data Controller before the service is implemented by the practice.

Practices should:

  • review all new policies and practices to ensure they align with regulatory revisions or changes in local practice
  • agree a consistent approach to how patient records will be checked and who will be able to grant access for patients to their detailed coded information
  • tell staff about how the service will be made available so that they understand their role in the process

You can check standards against the Welsh Information Governance Toolkit self-assessment tool.