Prospective access to GP records

Following changes made to System One this week, general practices in England using EMIS or System One are now subject to the obligation to offer their patients prospective access to their medical records. Those practices may only delay in providing access if they consider that providing access is likely to have an adverse impact on their provision of essential services.

Where a patient accepts the offer of prospective access

It is important for practices to recognise that the legal requirement to provide prospective access does not modify the application of the UK GDPR, and does not authorise the disclosure to the patient of information which could not be disclosed under a subject access request by the patient. The administrative challenge for practices, and practitioners, is that they will have to make their notes, and upload external correspondence, as if they were preparing the information under a subject access request. Mixed personal data can only be disclosed if such disclosure is reasonable, taking account of the specific factors identified in the Data Protection Act 2018. Information which is not already known to the patient can only be disclosed if the ‘serious harm test’ is not met.

Practices will also face a particular burden in dealing with third party documentation, received from outside the practice, to consider whether it contains any information which is not disclosable and to address that issue before the data is uploaded to the patient’s record.

The serious harm test

The Data Protection Act 2018 imposes a duty on data controllers who are not healthcare professionals not to disclose health data to a patient if that information is not already known to them, unless an appropriate health professional has determined that the serious harm test is not met. The application of the test requires the involvement of a clinician and a formal record that the test is not met. Practice protocols for uploading third-party correspondence should facilitate those steps being taken before that material is uploaded and made accessible to the patient.

Addressing the question of whether information is already known to the patient may become particularly challenging. Is the fact that the information is contained in a record which the patient had the technical means to access sufficient to conclude that the information is known to the patient? Adopting such a heuristic approach would be contrary to the purpose of the serious harm test, which ought only to be bypassed where the patient has actual knowledge of the information.

Third party data

Decisions about the disclosure of mixed-personal data turn on an assessment of reasonableness. That is an assessment which may result in a different outcome at different points in time. An assessment of reasonableness may depend on a determination as to whether the information is already known to the patient. It is unclear whether the potential that the patient had accessed the information in their live record at some point in the past would be a sufficient basis to conclude that continued access should be permitted in the face of changed circumstances. Whilst such challenges may arise only rarely, it is not surprising that practices are concerned about the ongoing burden created by the requirement for constant vigilance.

Conclusion

Whilst enhancing patients’ access to their records is undoubtedly a positive step, it creates understandable anxieties for practices. Whilst practices can develop their internal cultures so that records are always made with a sensitivity to the likelihood that they will be accessed, practices are understandably concerned about the burden which they will carry in relation to incoming communications from external agencies, over whose culture they have very little influence or control. It is only a matter of time before disputes arise as to where liability lies when a practice has uploaded, and made accessible, a third party communication which contains information which ought not to have been disclosed to the patient.