SUBJECT ACCESS TO HEALTH RECORDSPOLICY
Policy Manual/System / General
Author / Valerie Anderson / Version No / 1
Reviewer (policy review) / Implementation Date
(Completed by Corporate Services)
Signed By Responsible Director / Next Review Date
1.FUNCTION
Policy for Subject Access to Health Records for NHS Fife.
- LOCATION
Across NHS Fife
- RESPONSIBILITY
Medical Director
Caldicott Guardian
Data Protection Co-Ordinator
Head of Records
Delegated operational management by Medical Records Manager for
Acute Division and Primary Care requests and
Administration Services Manager for
Mental Health requests
- OPERATIONAL SYSTEM
The Data Protection Act 1998 gives individuals, or their representatives, the right of access to their health records. Patients have the right to ask any Health Professional that has treated them to see the records he or she has made about their health.
The Access to Health Records Act 1990 gives individuals the right to see health records of deceased individuals provided they have a valid interest in the record ie the executor.
5.REQUESTS FOR ACCESS TO RECORDS
5.1Requests for Access to Records by a Patient Representative
A patient can authorise a representative to access their health records on their behalf. This must be done in writing, with confirmation of the representative’s identity and relationship to the patient.
Representatives able to provide evidence that they are acting under power of attorney will be granted access to the health records of the patient.
5.2 Parental Responsibility
Parents, or those with parental responsibility, will generally have the right to apply for access to a child’s health record.
Parental responsibility is defined in the Children’s Act 1989 as ‘all the rights, duties, powers, responsibility and authority which by law a parent of a child has in relation to the child and his property’.
In practice, parental responsibility would include –
- Having the child live with the person with responsibility or having a say in where the child lives
- If the child is not living with him/her – having a personal relationship and regular contact with the child
- Controlling, guiding and directing the child’s upbringing
- Financially supporting the child
5.3 Health Records Relating to the Deceased
Applications for access to health records of the deceased are made under the Access to Health Records Act 1990.
Where the patient has died the patient’s representative or any person who may have a claim arising out of the patient’s death may make an application. Access shall not be given to any part of the record which in the opinion of the health professional would disclose information which is not relevant to any claim which may arise out of the patient’s death.
5.4 Solicitor/Insurance/Medical Company Requests
Solicitors/Insurance/Medical companies who are acting in civil litigation cases for patients should obtain written consent from the patient.
6. APPLICATION FOR ACCESS TO HEALTH RECORDS
Any application for access to health records must be made in writing.
Applications must be signed and dated by the applicant.
Where an application is made on behalf of an individual, a signed form of consent must accompany the written application.
7. DUTY TO CONSULT ON A VALID APPLICATION FOR ACCESS TO RECORDS
On receipt of access to health records, the Medical Records Manager/Administration Services Manager has a duty to consult the relevant Health Professionals on issues relating to the disclosure of information –
- To confirm that the applicant is of an age and capacity to understand the nature of the application
- To take a decision regarding the withholding of access to all or part of a health record
- To provide assistance where records may need to be explained to the applicant
8. FEES TO ACCESS AND COPY HEALTH RECORDS
Under the data Protection Act 1998 (Fees and miscellaneous provisions) regulations 2001, a patient can be charged to view their records or to be provided with a copy of them.
Maximum charges will include postage and packaging costs and are intended to cover the reasonable administration costs of disclosure.
To provide copies of patient health records, the maximum charges are as follows –
- Health records held on computer – a maximum charge of £10.00
- Health records held both on computer and manually – a maximum charge of £50.00
- Health records held manually – a maximum charge of £50.00
If a patient wishes to view their health records or obtain copies, access is free if the records have been added to within the last 40 days.
Within NHS Fife if a patient wishes to view their health records or obtain copies, charges will be as above to a maximum of £10.00.
Charges for photocopying will be added for patient/representative access at 10p per copy. This will be on top of the £10.00 access charge. The maximum fee including photocopying cannot exceed £50.00.
Solicitors acting on behalf of patients will be charged at £50.00. No charge may be made for photocopying. Ifthe solicitor is requesting a copy of an Accident and Emergency record only then a fee of £10.00 plus photocopying at 10p per sheet will be charged.
9. TIME SCALES
Response to access to records will be within the timescales outlined in the Data Protection Act 1998 and Access to Health Records Act 1990.
If a fee is to be charged for the access request, the applicant will be informed that a fee is payable and the amount requested.
Information will not be provided until such time as the fee has been paid.
Responses to requests for access must be made within 40 days of the date of receipt of the request providing the fee has been paid.
10. DENIAL OF ACCESS
Access to all or part of a record will be denied if –
- In the opinion of the relevant health professional, the information to be disclosed would be likely to cause serious harm to the physical or mental health of the applicant or any other person
- Where the record relates to, or has been provided by, an identifiable third party, unless the third party has consented to disclosure.
In addition the Data Protection (Subject Access Modification) (Health) Order sates that access may be denied in circumstances where –
- The granting of access to a patient representative would disclose information provided by the patient in the expectation that it would not be disclosed to the person making the request
- The granting of access would disclose information obtained as a result of any examination or investigation to which the patient consented, in the expectation that the information would not be so disclosed to another individual
- The patient has expressly indicated that such information should not be disclosed to another individual
Notification of refusal to grant access will be given as soon as possible in writing to the applicant.
11. DISCLOSURE OF THE RECORD
Once the appropriate consent documentation, disclosure approved and fee paid, the copies of the health records will be sent to the patient or their representative in a sealed envelope by recorded delivery.
12.RISK MANAGEMENT
There is a risk to the organisation of inappropriate disclosure of third party information due to volume of casenotes to be checked.
13. RELATED DOCUMENTS
13.1Application to Subject Access to Health Records (form)[see attachment] /
13.2 Information for Patient (leaflet) [see attachment] /
14.REFERENCES
14.1 - the information Commissioners web site for information on the Data Protection Act 1998
14.2 - Government web site for information on the Access to Health Records Act 1990
14.3 - Health Rights Information Scotland web site for more information on ‘How to see your Health Records’ (weblink attached below)
SIGNATURE: / ………………………………………………………….DATED:
REVIEW DATE:
NHS Fife is committed to the provision of a service that is fair, accessible and meets the needs of all individuals.
File Name: Access Procedure / Issue / Department: Health RecordsOriginator: Morag Scott / Page 1 of 6 / Review Date: June 2010