Women’s campaigners warn of safety risks from NHS app medical records access

Domestic abuse survivors and stalking victims should consider deleting their NHS app or contacting their GP surgery as a change to allow access to medical records comes into effect, women’s safety groups have warned.

Campaigners and a doctors’ union have voiced concerns about the potential risks for vulnerable people as a result of the change in how NHS medical records can be accessed and said their safety has been “largely ignored” in the process.

By November 1, medical practices in England are expected to have enabled access so patients can see things like immunisations, test results and consultations in their NHS app.

But more than 20 organisations, including Refuge, Women’s Aid, the End Violence Against Women Coalition and the British Medical Association (BMA), said they are worried this could mean perpetrators of domestic abuse are able to view someone’s records if they have access to their phone or by coercing them.

Refuge, the UK’s largest domestic abuse organisation, said it is “deeply concerned that the safety of survivors has been largely ignored while these changes have been implemented”.

The BMA’s GP committee chairwoman for England, Dr Katie Bramall-Stainer, advised vulnerable patients to either not install the NHS app or to inform their GP practice teams if they wish to opt out of remote access “until we have reached safe and practical agreements over where and how we can protect the most vulnerable and disenfranchised members of our society, with Government and NHS leaders”.

She said that, while the change and ease of access will be a welcome development for most people, the “forced implementation” is a cause for concern for others.

Dr Bramall-Stainer said: “I worry for patients we frequently see, a parent whose abusive spouse may use sensitive clinical information to undermine legal cases of custody of dependents in the family courts, patients requesting covert contraception forbidden in their home or relationship, or those disclosing abuse from others who may have access to their smartphone. These are but a few examples causing GPs as data controllers to raise concerns about this flawed implementation.”

Refuge said it is “really disappointing and saddening that the Government and NHS England have not fully addressed the real risk to survivors that these changes will create”.

Ellen Miller, the organisation’s interim chief executive, said it is “essential” that the changes are publicised widely “so that survivors know to take the necessary precautions to improve their safety and privacy”.

She added: “Our message to survivors is simple: Call your GP surgery and ask that access to your records be switched off, so that they cannot be viewed in the app. If you are concerned, and it is safe for you to do so, please also consider deleting the NHS app from your device.”

An NHS England spokesperson said: “The NHS takes patient safety seriously, which is why we have worked with organisations representing victims and survivors of domestic abuse over the last 18 months to develop guidance for GP practices on how to deal with these cases, with patients able to decline access.

“An expert safeguarding group has also been established, comprising National Safeguarding Network, IRISi and Women’s Aid among others, to monitor implementation and ensure any concerns are acted on.”