GP Record Access - keeping your information safe
Guidance on privacy, confidentiality, security, and consent
When people register for on-line services, some questions
they ask relate to the concerns over the privacy and confidentiality of
personal health information and will that be affected once individuals
have opened to using the internet to access their personal information
and request services.
Protecting your health information in general - some definitions
Privacy: is the right expressed by an individual to prevent access
by others to themselves. For citizens enrolled with the
National Health Service in the UK (NHS), it is only in exceptional circumstances (often when an individual requires protection e.g., on a witness protection programme) that individuals can retain total privacy. In those situations, 'demographic data' - name and address details - are prevented from being shared between agencies within the NHS.
Confidentiality: For most patients however, basic information about them is shared routinely, but under strict confidentiality guidelines overseen by a Caldicott Guardian, who is a senior person responsible for "protecting the confidentiality of patient and service-user information and enabling appropriate information-sharing" - safeguarding the interests of individual patients. An individual's GP record is also subject to these strict controls on who can and can't see medical information, and on what grounds, and this is how confidentiality is maintained.
GP Record Access - maintaining confidentiality by creating a safe password
Creating a safe password that is difficult for others to guess
Passwords are very important when accessing personal information over the internet (from your bank, supermarket or General Practice) because systems on the web are built to discriminate very carefully when incorrect passwords are entered.
Some tips from patients on creating strong passwords are below.
• Include both uppercase and lowercase letters and at least one number
• Do not use birthdays
• Do not include your login name, a.k.a. username, in any form (i.e. as is, reversed, capitalized, doubled), or any other name
• Avoid words that can be found in a dictionary (including foreign and technical dictionaries) these include names.
• Do not use a password that has already been given as an example of a good password.
Keeping your online Health and Social Care Record Safe and Secure
Having access to your GP records online is a great way to get involved in looking after your health. It’s natural to want to know what’s in your GP records and to use the information in them to help you get the best care and feel more in control.
Your GP records contain personal information, so it’s important to keep them safe. You should take the same care with your health and
social care records as you do if you use online banking. This guide
explains how to access your records safely, keep them secure, and
share them safely, if you choose to.
The NHS and British Computer Society have written this guide for people who are accessing their own GP records and who may want to share them with others. It doesn’t include specific advice if you’re using records on behalf of someone else who can’t do it themselves (for example, your children or someone who needs support to make decisions). To download the guide, click here.
You can improve your cybersecurity by taking six actions [click any of the links below to visit the UK Government CyberAware website.