Violence Against Women and Girls organisations, including Refuge, Women’s Aid, and EVAW, and the British Medical Association, are concerned for survivors of domestic abuse and stalking as GPs must automatically grant patients remote access to medical records via NHS app.
More than twenty Violence Against Women and Girls organisations, including Refuge, Women’s Aid, and End Violence Against Women Coalition, and the British Medical Association are concerned about the safety of domestic abuse survivors and victims of stalking as GPs in England fulfil their contractual requirement to provide patients with remote access to their medical records via the NHS app and website by the end of the month. There is alarm that perpetrators of domestic abuse may be able to gain access to a survivor’s records by coercing the survivor to share access or other means.
Since the 1st of April this year, GP practices across England have been instructed to grant access to patients’ medical records through the NHS app and other online portals. By the 31st of October, all surgeries in the country are contractually obligated to have provided this remote access to patients.
1 in 4 women will experience domestic abuse in their lifetime with 1 in 5 women likely to experience stalking and the group are deeply concerned about the implications that accessibility to these records will have on survivors of domestic abuse and stalking. There is a real potential that making medical records easy to access will put survivors at greater risk, as perpetrators weaponise information for abuse.
While the changes only have to apply to prospective medical records made from the date of access, the specialist Technology-Facilitated Abuse Team at Refuge have found owing to historical local decisions and patients previously opting in when joining practices, there are inconsistencies in the information available to patients. Some are only able to access new, or recent, medical records, while others can see as far back as the 1970’s and some have full information while for others sensitive information has been redacted.
While some survivors may find that they have already been made exempt, or that specific information has been redacted, by their surgeries, this will not be the case for everyone.
Survivors are urged to contact their GPs and request that access to their information is removed. You do not need an appointment with your GP to do this but can instead ask the reception team or any other member of staff at the practice with access to records to do this.
If it is safe to do so, survivors should consider deleting the NHS App from their device until better safeguarding and protections are in place. VAWG organisations such as Women’s Aid and Refuge have been engaging with NHS England to raise safety concerns for survivors over the past few years, and IRISi has developed specific guidance for GPs on how the app should be used in domestic abuse cases. Organisations will continue to work with NHS England to ensure the risks for survivors using the app are mitigated as much as possible.
Survivors are also advised to review any other medical apps they have downloaded on their devices, as they may lack adequate security measures if they were installed historically.
GP practices should be sensitive to the risks created by these changes and take a proactive approach to protecting patients, particularly where there are safeguarding concerns. They also need to be aware that women may be concerned and respond speedily to requests to turn off access