Implementation of National Policy for Online Access to Medical Records in England
NHS England has issued a letter to GP practices outlining the national policy that will come into effect on October 31st, 2023. The policy aims to provide all patients over the age of 16 with automatic prospective access to their electronic medical records, including consultations, documents, problem headings, lab results, immunisations, and free text entries.
With this change, every time data is recorded in a patient’s GP system record after October 31st, 20223, staff members must consider whether it should be visible via the patient’s online record. This applies to general practice staff who receive correspondence and test results, as well as those working in secondary care, community, and mental health services, whose information becomes part of the GP record. Third-party sources, such as family members or work colleagues, can also contribute material that becomes incorporated into the medical record.
While it is prudent to assume that all records may contain sensitive or harmful data, online access is generally not likely to pose a specific risk for the majority of patients. It can empower individuals to better manage and understand their health and care. However, safeguards must be in place for all patients, not just those who may be more vulnerable, such as individuals at risk of domestic violence or in coercive relationships. The individual risk associated with online records access should be carefully considered for everyone.
Redaction – Considerations and Process
To address safeguarding concerns, practices have the option to prevent automatic access to the prospective full record by adding a specific SNOMED code to the patient’s record before October 31st, 2023. Records with this code will be excluded from the changes, and access for these patients will be reviewed on a case-by-case basis at a later date to determine if it can be granted without risking serious harm. Practices may schedule reviews when resources allow or when patients directly request access. These reviews may be time-consuming, but if affected patients make a direct access request, access should be granted subject to contractual safeguards.
Practices should carefully weigh the benefits of automatic access against the risks of harm. Even for patients at higher risk, there may be parts of the medical record that can be shared in full.
It is also possible to redact consultations, along with all the information recorded during those consultations, from the patient’s online view if it poses harm to the patient or another individual. Decisions on what to redact require careful thought and can be subjective.
Only parts of the record that wouldn’t be available via a Subject Access Request should be redacted, and each system supplier has its own method for redaction. The existing redaction facilities are available at the individual patient level through the current clinical systems. However, it is worth noting that the current redaction functionality does not allow for selective redaction of individual words or phrases or specific parts of documents. It is currently an all-or-nothing approach. Material hidden from the patient’s online view through redaction may still need to be revealed if a Subject Access Request is made. The adequacy of the existing redaction provision in fulfilling the regulatory requirements is questionable.
It is also necessary to redact information that mentions third parties if permission from those third parties has not been obtained, as it would be inappropriate for the patient to view such information.
Clinical Safety Concerns
While supportive of record access, the General Practitioners Committee (GPC) of England acknowledges that the automated switch-on, as part of the accelerated access to records program, is being implemented without providing additional resources or time for safe and effective implementation. NHS England has advised that “Practices and commissioners must be confident that the service can be provided safely.”
Given this context, the GPC has engaged in extensive discussions with NHS England to mitigate any unintended consequences arising from patients being given automatic access to their records. This is especially crucial for vulnerable patients, where access to their records could pose clinical safety risks. However, it is considered good practice to treat all patients as vulnerable until proven otherwise and ensure adequate safeguards are in place for everyone.
Additionally, the GPC has raised concerns about the functionality of the redaction software, which may result in hiding significant clinical information from patients due to its limitations. The fact that redaction does not persist following a GP2GP transfer is also worrisome and could lead to duplicated efforts in reviewing medical records if a patient with full access requests it again after switching practices.
Moreover, the GPC emphasises the need for a system that alerts newly registered GPs when elements of the record have been redacted by the previous GP. Furthermore, there has been a lack of public awareness campaigns warning patients that the NHS app may suddenly provide access to their detailed health records. This poses potential risks if passwords are saved on mobile devices and family members with access to PIN codes can easily view confidential health information.
There is a growing consensus that the safest and most effective approach to providing access to online records is through a consent-driven or shared-decision-making process. Under this approach, each patient chooses to opt in, allowing practices to carefully review records before granting access. Practices choosing this option should receive support and advice to further develop it as an innovative approach to healthcare provision and new ways of working.