Accessing and sharing health records and patient confidentiality House of Commons Briefing
Individuals have a right to access their own health records, and in limited circumstances, access to the records of other people. The Government has made a commitment that patients should gain access to their health records within 21 days following a request. Access to health records may also be granted in limited circumstances for relatives or in the case of deceased patients. This briefing describes how patients may request access to their records, and the circumstances in which access to the records of others may be allowed.
The Government has encouraged the NHS to make better use of technology, so that patients can manage their own healthcare needs, whilst ensuring that data remains safe at all times. As part of this, the Government has committed that all patients will have online access to personal medical records by 2016. This will include access to not only their own GP electronic records online in full, but also a summary of their allergies, medication, blood results, appointment records and medical histories. By 2018, this record will also include information from all the patient’s health and care interactions.
Additionally, the NHS is introducing Summary Care Records - electronic health records of essential patient data - to enable healthcare staff across the country to provide immediate care and treatment. NHS England and the Health and Social Care Information Centre will also introduce the care.data programme, a national collection of anonymous patient data to enable population-level analysis of health trends. The national roll-out of care.data will begin once a pathfinder exercise has taken place.
The briefing also outlines safeguarding arrangements for confidential patient information. In 2013, a review was carried out by the National Data Guardian for health and care, Dame Fiona Caldicott, to ensure that there is an appropriate balance between the protection of patient information and the use and sharing of information to improve care. In September 2015, the Health Secretary commissioned the CQC to carry out a review into standards of data security for patients’ confidential data across the NHS, for which the National Data Guardian will develop guidelines for data protection.
This briefing also describes statutory and public interest disclosures of patient information; information sharing rules for people who lack mental capacity; and access to information on hereditary conditions for relatives.
This briefing relates to patients in England.