GP Practice Options for Prospective Online Access

As the deadline for the 1st November approaches to switch on Prospective Online Record Access for patients to view their GP record, there is quite a lot of confusion as to what needs to be initiated and completed by GP practices. This has not been helped by the delay by NHS England publishing guidance and clinical safety documentation and the clinical systems changing the way that records should be prepared. Based on current issues, I have discussed the issues and considered some options for GP Primary Care.

The current legislation that has been set out states that patients should have access to their prospective computerised medical record through patient portals such as the NHS App. Online access to detailed medical record access (including retrospective access) has been available for many years already and practices already have a process to enable patient online access to records upon request.

To be clear, patient access to their own medical records is a positive step that we should be encouraging and patients should be able to access there data in a secure way. The issue here is the mechanism and governance around how it should be done.

The big change now is the imposition from NHS England that there will be an automatic switch on of prospective access to patient records from a given date – currently set as 1st November 2022. This will include free text and documents as well as coded data within consultations. This will be for patients aged 16 and over.

There are several risks here. The use of medical language and abbreviations, present in most records, can reduce readability for patients, which can result in further consultations for an explanation. This has, however, decreased as copying patients into correspondence has become more widespread. The more significant risk is of correspondence being seen by patients that includes third party or sensitive information that could potentially cause harm. What constitutes as sensitive can vary from patient to patient and over time (e.g. “I have just received a CT result which shows cancer, so will meet Mrs Smith next week to inform her” is sensitive only until she has received the news). Safeguarding data is particularly sensitive, especially where there is concern around domestic violence, coercion or fabricated illness by proxy. The assumption has to be that the records will be viewed by the perpetrator.

This rollout has been delayed several times for various reasons and NHS England have put in some preparation advice for GP practices including a letter to GP practices and a GP practice readiness checklist.

One of the key learning points from the pilot sites for prospective record access was to add a code to patient records to ensure that patients who may lack capacity are excluded from automatic access roll out and that their records are applied with a specific code.

NHS England eventually published their clinical safety report with a hazard log on the NHS Futures website on the 6th September 2022. Reviewing this, it is clear that NHS England has put the mitigation for any risk in the control of the GP Practice with requirements such:
– creating redaction policies and a standard operating procedures
– communicate changes to all practice staff
– communicate to patients to raise awareness of the changes coming into effect
– identify vulnerable patients and add them to an exceptional circumstances list
– to review filing of letters to ensure harmful documentation is not made available
– proactively review every patient at each consultation to identify if redaction required
– engage with locum agencies to ensure locum and bank staff are aware of changes
– report system faults to system suppliers and the national programme

In addition, NHS England have asked GP practices to review the clinical safety case reports from the system suppliers and obtaining these have been challenging but having obtained these, the clinical systems again have mitigated risk by asking GP practices to:
– make local decisions regarding prospective record access as the data controller
– provide staff training
– check patients’ identification in case the patient care record is viewed by another person
– make Gillick / Fraser competence clinical decisions on an individual basis
– practice due diligence in entering data
– decide what information should be shared at every GP2GP transfer
– have a local business continuity process in case the system goes down

So, fundamentally, NHS England and the clinical systems have identified issues with their own clinical safety risk assessments and have mitigated controls against these by asking GP practices to implement and enact some changes – never mind GP practices having to do more at a time where GP practices are over stretched and beyond capacity. In my opinion, allowing this to proceed in its current form is placing undue clinical and information risk on to GP practices. As data controllers, GP practices, should be able to review the records prior to any individual release to ensure that the data is being released without coercion and the information is accurate.

As well as these changes, GP practice staff need to be aware of how to redact clinical information from the GP record if it is required. Having looked at this for EMIS Web, the functionality of redaction has changed from a process of “confidentiality policy” to “online visibility”. Further information can be found here. This puts additional training needs onto practice staff.

I have previously outlined concerns that need addressing before prospective access can be switched on in its current form:

  1. There is robust training that is provided to ensure that ALL GP practice staff are aware of the changes and have implemented and put in processes to ensure that prospective data is entered in a way that does not have any 3rd party information or entries that may cause harm.
  2.  All clinical systems have a process of redaction built into the workflow of all document and pathology processing.
  3.  From the lessons learnt from early adopter sites, the published recommendations for redaction are shared and openly publicised.
  4.  To address to concern of increasing workload, there is a meaningful dashboard agreed and published to show the number of patients requesting prospective and retrospective access to online medical records.
  5.  That before any legislation or directive for retrospective data is made, the third party redaction software that was promised in 2020 is provided to every GP practice on an ongoing basis that is funded centrally and equally.
  6.  NHS Digital publishes the clinical safety documentation, including the DCB0129, in a timely way including data flows, a hazard log and safety case.
  7.  NHS Digital supports GP practices in developing the DCB0160 as per NHS Digitals own guidance.

In addition, there are ongoing concerns around flags applied by one GP practice highlighting sensitive or redacted information, is not transferred to the new practice when a patient moves from one NHS GP practice to another. Having this data visible without review, introduces further risks and there should be technical solutions provided to resolve this.

I would strongly suggest that practices (as data controllers), should write to their system supplier (eg EMIS, SystmOne as their data processor) to inform them NOT TO run any scripts on their patient data allowing prospective record access unless the GP practice has satisfied itself that it has reviewed and accepted any clinical risk that may arise from the enabling of prospective record access.

There are several further options for GP practices to consider:

A practice may choose to do nothing.
This will mean that from the go live date (currently published as 1st November 2022) patients will automatically have access to prospective access to their detailed medical record that includes:

Lab resultsAll coded data from date* plus free text from date*
DocumentsAll coded data from date* plus free text from date*
ImmunisationsAll coded data from date* plus free text from date*
ProblemsAll coded data from date* plus free text from date*
ConsultationsAll coded data from date* plus free text from date*

* given date to be confirmed by system supplier (eg EMIS / SystmOne)

This option leaves several issues for practices that can be foreseen – and this is currently the biggest risk given that practices currently do not have the head space to process this requirement:
– Prospective access will be granted to all patients without the GP practice knowing or having control
– As data controllers, this opens up several risks to practices that could have been avoided
– The assumption will be from NHS England that the GP practice will be in agreement with the process
– Patients that the practice may feel are at risk or may be coerced will have their data accessible
– All new patients joining the practice who had redactions previously will now not be redacted


All GP practices note the findings from the pilot sites and run searches and code accordingly
Process from pilot sites document – Read this first
EMIS Web Searches and instructions – For EMIS Web practices to adopt
Systmone Searches and instructions part 1 – For Systmone practices to adopt
Systmone Searches and instructions part 2 – For Systmone practices to adopt
Credit and thanks to Named GPs for Safeguarding BSW ICB ( for creating these amazing searches!

These patients should be coded with:
SNOMED code 1364731000000104
“Enhanced review indicated before granting access to own health record”

Practices can then allow access to prospective records to these patients by applying the code:
SNOMED code 1364751000000106
“Enhanced review not indicated before granting access to own health record”

The issue to note here is that it applies to a point in time – so any new patients who join the practice or turn 16 will not be included unless this search is routinely run.

All GP practice staff should also be made aware of how to mark parts of the consultation to redact appropriately – EMIS Web guidance here. This should include staff tasked with managing incoming documents as well as clinicians consulting with patients.

As well as enacting option 2, GP practices could also decide to exclude all patients from being enabled for automatic prospective record access. This will not be a breach of contract as long as practices can inform patients of when they will be able to access their detailed online record.

One approach which some practices have taken, which seems a sensible middle ground, considering all options, is to code ALL patients with:
SNOMED code 1364731000000104
“Enhanced review indicated before granting access to own health record”
This would also need to be actively done with ALL new patients joining the practice and a safety net here could be a search regularly run to ensure all patients have this code applied.

Staff should also have training to ensure that staff dealing with patient records are aware of how to redact information if required.

GP practices should ensure that they have a robust process for enabling access to patients upon request.

A step by step process recommended for practices to facilitate access to online services is as follows:

  1. Patient requests Online Access
  2. Practice issues patient with access information and an application form to complete (click here for an example)
  3. Patient completes and returns application form and practice will verify the identity of the patient
  4. code “91B” (Patient registration data verified) should be added to the medical record
  5. Patients are given access as per the request on their application form at the point of verification
  6. The practice will then review the records within a set time period (aiming for 2 weeks) and it is recommended that this is also an opportunity for clinicians to tidy up the medical record to ensure:
    • The problem list is accurate with significant, active and minor problems accurately coded
    • Medications are appropriate and repeat medications are correctly listed and linked
    • Any data deemed confidential is marked as such
  7. Practices can then allow full access by applying the SNOMED code 1364751000000106 “Enhanced review not indicated before granting access to own health record”

Are there any other options to consider or any other issues not considered?
Please comment or interact on Twitter

7 thoughts to “GP Practice Options for Prospective Online Access”

  1. Hi Dr Bhatti,

    An interesting article, thank you.

    I don’t agree with coding all patients with 104, as I believe that (most) patients should be allowed access to their entire records, and that practices are already aware of most of their vulnerable patients (and searches already exist to find those that they may not be aware of). All staff should have been considering what data is added to a record (forever, but at least for the last few years since online record access has been available), and certainly from now, or at the very latest, from 1st November. Of course, the most time-consuming element is that of historic access, especially where a patient has not been registered with one practice exclusively during their lifetime, and the current practice would be allowing access to data that they had not recorded. iGPR (and other providers) have excellent software, and I agree that NHSE should make this freely available to practices as it originally was.

    A few comments on some of your statements:

    1. You state “Having looked at this for EMIS Web, the functionality of redaction has changed from a process of “confidentiality policy” to “online visibility””, but the two things have different purposes. CP is for hiding a record within a practice. OV is for hiding (part of) a record outside the practice.

    2. “All new patients joining the practice who had redactions previously will now not be redacted”. This is true, and annoying, but won’t affect the prospective access that will be given to the patient from their date of registration at the new practice (if they already have an online account). It will only become an issue if/when the patient requests historic DCR access too.

    3. “Practices can then allow full access by applying the SNOMED code 1364751000000106 “Enhanced review not indicated before granting access to own health record””. The 106 code only ‘releases’ a previous 104 review required code if BOTH are added before 1/11/22. Records reviewed after 1/11/22 will need to be enabled (or withheld) manually on the patient’s online access screen.

    1. Thank you for your comments.
      I would also agree that patients should have access to their entire record – prospective and retrospective – but this needs to be done in a controlled way and not an automatic free for all which will (as NHSE and EMIS have outlined in their clinical safety assessments) have a significant impact on some patients that have safeguarding, coercion and capacity issues etc.
      So, my focus has been to maintain the controlled access with good GP processes that you have mentioned by coding 104 to prevent the automatic enabling of prospective access and then allow patients a controlled access to prospective and retrospective data.
      To your points:
      1. before “online visibility” options were available EMIS advised on using the “confidentiality policy”. For prospective access both redactions are honoured up to a set date – then it will ONLY be “online visibility” – so this is a major change for practices to understand and enact. Some practices will do this much quicker than others – but at a time of multiple pressures on staff time, training and resources we need to have a considered approach.

      2. Agree – Prospective access will also apply at the point of registration. However, the clinical safety case does indicate that the GP2GP record at the point of registration will not contain information pertaining to previous flags so will have implications on patients that previously had items marked for redaction that may then surface in subsequent consultations.

      3. Agree! The unknown issue here is how often the clinical systems will run the script to look for the 104 and 106 codes.

  2. This is excellent.
    Cons from NHSE have been lacking and they have even scrubbed some info from their site which promised regional support for GPs on this.

    They originally thought they could implement the change centrally ie flip the switch. They’ve now admitted that they either cannot, or don’t want to.

    So if GP does not flip switch, what happens?
    Likely NHSE local area team comes knocking.

    If hundreds of GP practices don’t flip switch?
    Maybe SoS DHSC has to sign a direction to make us do it.

    I for one would be ime them to do the direction, coupled with proper indemnity from any resulting harms…

    1. Thanks for the comment.
      This is one of the concerns. Because NHSE have mitigated risks to the GP practice, it follows that if the GP practice (as the data controller) are not prepared, due to the focus on essential services, then they have the right to implement a pathway that would mitigate risks for themselves, such as to enable patients on request, rather than a blanket automatic switch on that carries significant risk for the practice.

  3. An excellent overview of a wide reaching, hardly advertised and poorly understood topic

    1) what is the latest position? – as this process was delayed (are you releasing an updated blog?)

    2) can you please explain a Type 1 and Type 2 opt-out for patients (not to be confused with your suggested options for GP practices as data controllers above)

    Once again thank you for some clarity on this topic and for speaking out for your patients and colleagues

Leave a Reply

Your email address will not be published. Required fields are marked *