The Access to Health Records Act 1990 gave the individual the right of access, subject to certain exceptions, to health information recorded about themselves.
The General Data Protection Regulation (GDPR 2016/679) has now superseded The Data Protection Act (DPA) 1998. Under GDPR, patients have the right to apply for access to their medical records. This is known as a Data Subject Access Request.
The practice has a duty to maintain the confidentiality of patient information and to satisfy itself that the applicant is entitled to have access before releasing the information. Therefore, you will be asked to provide proof of your identity and that of your representative if they are applying on your behalf.
If you wish to apply for access to patient information held by the practice, you need to apply, preferably in writing, to the Management Team stating:
You will be provided with an Information Leaflet.
The practice can provide patients with a full or partial copy of their medical records, if requested, but with certain exceptions.
Following application, the practice will contact you to discuss your entitlement, any written authorisation that may be required and make arrangements as necessary for your request to be processed.
Under GDPR, we ask you to be aware that we cannot disclose information to other people, including relatives and solicitors, etc without your permission.
The following link will provide you with information with regards to use of information for research and general use of information.
In addition, GP practices are expected to publish information about the research projects they are involved in. Such records should include details of the sponsor, allowing participants to access further transparency information provided by sponsors.
This notice lets you know what happens to any personal data that you give us, or any that we may collect about you. Please refer to the Notice for full details.