Intended for healthcare professionals


GPs warn of dangers in allowing patients online access to their medical records

BMJ 2012; 345 doi: (Published 20 November 2012) Cite this as: BMJ 2012;345:e7851
  1. Gareth Iacobucci
  1. 1BMJ

The BMA’s General Practitioners Committee has warned that patients’ safety could be compromised by plans to allow patients to access their medical records online, as set out in the Government’s NHS Mandate earlier this week.

The mandate will require all patients to be able to book GP appointments online, order a repeat prescription online, exchange email with their GP, and access their records remotely by March 2015.1

The plans—initially set out in the government’s information strategy for the NHS in May2­—are part of a ministerial drive to increase the use of technology to help people manage their health.

But although GP leaders said that they were not opposed to the principle of booking appointments or prescriptions online, they were concerned that allowing online access to medical records could place some vulnerable patients at risk if the information were obtained by third parties.

They warned that, if it were possible to access notes remotely, some vulnerable patients may be persuaded, or coerced, into disclosing them to insurance companies, employers, police, lawyers, families, and others who might misuse them.

The General Practitioners Committee said that it also had reservations about the mandate’s pledge to explore the prospect of making e-consultations “much more widely available,” because of the danger that other people could “masquerade” as the patient.

Under current rules, patients are already permitted to access their records in their GP surgery but not online.

The committee’s chairman, Laurence Buckman, warned that patients could be at risk if unencrypted medical records were passed freely to third parties, an issue that he said he had raised with ministers before the launch of the mandate.

“We have to differentiate between access to records which is OK and online access,” he said.

“Online access means the patient can read what there is—but so can anyone else. I could imagine how an abusive parent could force a young person to get their medical records so they could see what had been written about them. I can imagine that there are plenty of parents who would try and get access to their teenage children’s records to find out who has had sex with whom or who is doing drugs.”

“I think the hazards of that are very substantial,” Buckman warned.

“We see this as a crucial issue for us to explain to patients and the public, why what superficially sounds like quite a reasonable idea is actually damaging.”

A Department of Health spokesperson said, “Enabling greater access to health records is one way we can support people to become partners in decisions about their treatment and better manage their health and care. However, this needs to be balanced with protecting confidentiality and security of information.

“We asked the Royal College of General Practitioners to establish a stakeholder group representing royal colleges, patient groups, the BMA, the Department of Health, and the NHS Commissioning Board, in order to develop plans to give patients greater electronic access to their GP records.

“This group is now working to identify the requirements and support arrangements needed for the successful implementation of this commitment. We would expect the NHS Commissioning Board to develop a robust and secure process for delivering this objective for other areas of care.”


Cite this as: BMJ 2012;345:e7851


View Abstract

Log in

Log in through your institution


* For online subscription