logo

GPs and other healthcare professionals caring for you, keep records about your health and the treatment you receive from the NHS.

These help to make sure they can provide you with the best possible care. The information your GP practice holds is kept on secure computer systems and is only accessible by a small number of healthcare professionals who look after you.


In some circumstances, healthcare staff share information about your treatment and care (not your name) to improve the services offered and the care provided to everyone.

The type of information shared, and how it is shared, is controlled by law and strict confidentiality rules.

In Summary:

  • Your records are kept securely by your GP, and only accessed by those immediately involved in your care
  • Anonymous information on conditions, in which no personal details are kept, may be used by healthcare professionals to better tailor care and support to those who need it
  • Your data – and its use – is strictly governed by law and professional codes of conduct
  • You are entitled to see what information is kept about you
  • You have the right to opt out of your information being used in this way – please talk to your GP Practice if you have concerns

How is my own personal health information used?

Your own personal health information (individual health record with your name, date of birth, address and NHS number) is only used by those who are looking after you to provide what you need as an individual patient.

How do I know that this information is being protected?

GP practices only use the minimum amount of information needed to help improve patient care.

A thorough process has been developed that must be followed before any information can be shared. GP practices are very careful with the information and follow strict rules about how it is stored and used.

Everyone working for the NHS has a legal duty to keep information about you confidential in line with the NHS Confidentiality Code of Practice. The Data Protection Act 1998 sets out principles of handling information which all NHS organisations must follow. There are also security policies to protect your information.

Only secure methods are used to transfer your information between NHS computer systems and all processes meet NHS security requirements.

Only authorised staff such as your GP and medical staff or professionals involved in your care can see information which identifies you as an individual patient. Information used for the planning and design of health services involves data which does not identify individual patients. All access by these staff to patient records is recorded and open to official inspection by auditors. For further information on access to your patient record by care professionals, see Share Your Care.

Do I have a choice about my information being used in this way?

You have the right to opt out of having your information used for these purposes. If you would like to know more about how to opt-out or have any questions about how we use your information, please contact your Practice Manager.

Can I see a copy of my information?

The Data Protection Act allows you to find out what information is held about you in both manual and computerised records. If you would like to view a copy of your health records, you should write a request to the NHS organisation where you have been treated. Sometimes an administrative charge will be made – please talk to your Practice Manager in the first instance.

Do I need to do anything?

If you are happy for your information to be shared to help improve services, you do not need to do anything. There is no form to fill in and nothing to sign and you can change your mind at any time.

If you have concerns, please do speak to your GP practice.

Top Top