How does the IG work?

  • When GPs enable Record View, they remain the Data Controller of their patients' medical records

  • The organisation employing the health and care professional when they request to view the record is a separate Data Controller for the information the professional employee sees through Record View

  • We're Data Processor for the time-limited Record View period via our standardised Data Processing Agreement and Record View Feature Specific Processing document

    Why no data sharing agreements?

  • Record View removes the need for separate data sharing agreements between GP practices and secondary care organisations

  • Data sharing agreements aren't legally required and are typically only used for continuous data sharing, compared to the Record View model of ad hoc sharing with patient permission provided each time

  • This approach meets the IG standards of national bodies - see below 👇


Why healthcare providers trust Record View?

  1. Meets the IG standards of national bodies

    • Record View aligns with guidance from the The NHSX Health and Care IG Panel and was developed in consultation with former National Data Guardian, Dame Fiona Caldicott. Please read her correspondence in full here.

  2. GPs are in control

    • GPs are always in control as they must enable Record View.

    • Live audit trail enables GPs to track who requests to view their patients' records and the status of those requests

  3. Secure method of patient permission

    • Patients approve each request from a health and care professional to view their record via multi-factor authentication

    • Patient's contact number is retrieved from the PDS and non-editable

    • SMS sent to patients with the code includes the name of the requesting health and care professional and a link to an accuRx webpage informing them how their record will be viewed and what to do if they weren't expecting the request


How will accuRx regulate Record View?

  • Use conditions

    • Health and care professionals can only access Record View with an approved accuRx account and to provide direct care to patients

    • The record summary is only available for 24 hours. After this elapses, the health and care professional must initiate another request to view and the patient must provide permission again

  • Audit trail for GPs

    • Live audit trail for GPs to to track who requests to view their patients' records and the status of those requests

      • Only GPs can see this viewing history and it's not recorded in the record

    • Audit trail shows the name of the requesting health and care professional requesting, when the request was made, their employer and whether the request was successfully authorised

  • accuRx oversight

    • We'll investigate instances of misuse and take remedial action, including disabling Record View, for any offending health and care professionals

    • We'll also report evidence of serious and frequent misuse to relevant authorities and regulators as required


What does accuRx do with data in the medical record?

We process the record data in accordance with the our Data Processing Agreement and the Record View Feature Specific Processing Page.

All data is encrypted in transit via HTTPS and encrypted at rest via Transparent Data Encryption in accuRx’s secure cloud servers for up to 7 days only.

When a record is successfully requested, we retrieve the record from the GP system in the background, to prepare it for prompt viewing. However, the summary view of the record is only provided when the code is entered. If the code isn't provided after a minimum time period, the data is securely deleted.

The only data stored after the request is made is metadata to provide an audit trail for GPs. The contents of the patient’s medical record are always securely deleted from our servers after the viewing period.


How often is the record updated?

We pull the medical record at the point the health and care professional enters the correct code in accuRx web, so this ensures the latest version of the record in the clinical system is pulled each time


What happens if there's missing or incorrect data in the record?

We're aware that Data Controllers must uphold data subjects' right to rectification under the UK GDPR.

If we're notified directly of any inaccuracy in a record shown in Record View, and we confirm the inaccuracy isn't from a technical error, we'll advise the patient or the health and care professional involved in their care to direct this to the patient's GP and we'll give them reasonable assistance to help them do this.


Is the record redacted for any third party information?

Third party information isn't redacted from the record by default because Record View is only accessible to health and care professionals involved in the patient's care.

However, third party information is usually only contained in the consultation notes section of the record summary which is only available for GPs viewing their own patients' records.

Did this answer your question?