In accordance with the GDPR Data Protection Act 2018 and Access to Health Records Act 1990, patients may request to see their medical records. Such requests should be made through the practice manager and will not be charged unless a second copy is requested soon after the first.
All Subject Access requests will require photographic ID to be shown in person.
In general practice we have a legal responsibility to ensure patients’ data and information held in their individual medical records remains secure. Verification of patient identity is an essential step towards this.
We must be satisfied that every request comes from the subject of the SAR and not someone attempting to fraudulently access their data. Therefore if a requestor cannot suitably prove their identity the request will be declined.
No information will be released without the patient’s consent unless we are legally obliged to do so.