More than 20 violence against women organisations have joined the BMA in expressing concerns around granting vulnerable patients access to their GP record.
NHS England has told practices they will need to offer automatic access to prospective records via the NHS App by tomorrow, 31 October, as per the changes to the GP contract.
The BMA’s GP Committee (GPC) said it had ‘grave concerns’ regarding the safety implications of this imposed contractual requirement, and considered a legal challenge to further delay its implementation.
Now more than 20 organisations, including Refuge, Women’s Aid, and End Violence Against Women Coalition said they are concerned about the safety of domestic abuse survivors and victims of stalking.
The organisations said there is alarm that perpetrators of domestic abuse may be able to gain access to a survivor’s records by coercing the survivor to share access.
They advised that GP practices ‘should be sensitive to the risks created by these changes’ and take ‘a proactive approach to protecting patients’, particularly where there are safeguarding concerns and need to be aware that women may be concerned and ‘respond speedily’ to requests to turn off access.
While some survivors may find that they have already been made exempt, or that specific information has been redacted by their surgeries, this will not be the case for everyone, the organisations said.
They urged survivors to:
- contact their GPs and request that access to their information is removed
- consider deleting the NHS App from their device ‘until better safeguarding and protections are in place’
- review any other medical apps they have downloaded on their devices, as they may lack adequate security measures if they were installed historically
GPC England chair Dr Katie Bramall-Stainer said: ‘For the majority of patients, access to their GP record on their smartphone will be a welcome development.
‘However, for a significant number of patients, especially those members of our society who are most vulnerable – women, children and those lacking capacity – the forced implementation of this process is a cause for concern for us as GPs.’
She said that for almost two years the BMA have been engaged with the Department of Health and NHS England ‘in highlighting GPs’ anxieties’.
Dr Bramall-Stainer added: ‘I worry for patients we frequently see, a parent whose abusive spouse may use sensitive clinical information to undermine legal cases of custody of dependents in the family courts, patients requesting covert contraception forbidden in their home or relationship, or those disclosing abuse from others who may have access to their smartphone.
‘These are but a few examples causing GPs as data controllers to raise concerns about this flawed implementation.
‘We would encourage any such patient to let their GP practice teams know if they wish to opt-out at the present time, or to not install the NHS app, until we have reached safe and practical agreements over where and how we can protect the most vulnerable and disenfranchised members of our society, with Government and NHS leaders.’
Ellen Miller, interim CEO of Refuge, said: ‘It is really disappointing and saddening that the Government and NHS England have not fully addressed the real risk to survivors that these changes will create.
‘These changes will allow perpetrators to gain access to survivors’ personal health records, including details on medications, sexual, reproductive, and mental health records, and disclosures of domestic abuse.
‘The lack of publicity around these changes means that some survivors records may already be available in the NHS app, and they do not even know it.
‘It is essential that these changes are publicised widely, so that survivors know to take the necessary precautions to improve their safety and privacy.
‘Our message to survivors is simple. Call your GP surgery and ask that access to your records be switched off, so that they cannot be viewed in the app. If you are concerned, and it is safe for you to do so, please also consider deleting the NHS app from your device.
‘While we know that some have already done so, we urge all GP surgeries to check their patient lists and exempt any patients that are considered vulnerable or that you have safeguarding concerns about.’
While the BMA’s proposed legal challenge was abandoned for financial and legal reasons, the GPC reiterated concerns about the safety of vulnerable patients having full record access and of the projected workload that GPs would take on to implement the programme.
Earlier this month, the BMA advised that GP practices should do a data protection impact assessment (DPIA) before enabling patient records access, and consider an opt-in model if risks identified.
A version of this story first appeared on our sister publication Pulse