Health records: Frequently asked questions

What are my rights?

Under the General Data Protection Regulation (GDPR), individuals (also known as Data Subjects) have a legal right of access to their personal data. This includes access to their health records. 

How long will it take?

Under GDPR, a request must be met without delay and within one calendar month of receipt.

This can be extended by a further two months where the request is complex or where there are numerous requests.

If this is the case, the Data Subject will be contacted within one month of the receipt of the request and informed why an extension is necessary. 

Will I need to pay?

Under the old Data Protection Act, a fee could be charged for providing copies of health records.

GDPR allows most requests to be made free of charge.

However, a reasonable fee can be charged for further copies of the same information or when a request is manifestly unfounded or excessive, particularly if it is repetitive.

Any fee will be based on the administrative cost of providing the information. 

How will the information be provided?

Copies of scans or x-rays will be provided on a disc which will contain viewing instructions.

In most cases copies of health records will be provided on paper.  

Will I receive all the information I have requested?

Access to health records may be denied or restricted in some circumstances. For example: 

  • If access might cause serious harm to the patients' physical or mental health
  • If the record contains third party information
  • If a request is manifestly unfounded or excessive 

How can I appeal or complain?

Individuals may appeal against a decision to refuse access, initially to the Trust's Data Protection Officer, and then through the Patient Advice & Liaison Service: 

Data Protection Officer

Tel: 01793 604717

Email: gwh.subjectaccess.requests@nhs.net

Patient Advice & Liaison Service

Tel: 01793 604031

Email gwh.pals@nhs.net 

All refusals will be in writing setting out the reasons and the right of the Data Subject to complain to the Information Commissioner's Office (ICO) and to seek a judicial remedy: 

Information Commissioner's Office

Wycliffe House

Water Lane, Wilmslow

Cheshire, SK9 5AF

Tel: 01625 545 700

Fax: 01625 524 510

https://ico.org.uk/ 

How can I access patient records of a deceased person?

GDPR relates to living individuals.

Access to the health records of deceased patients is governed by the Access to Health Records Act 1990.

A fee may be charged for providing copies of the health records of deceased individuals.

The fee will be based on the administrative cost of providing the information 

How do I make a formal application?

Application forms are available to collect from the hospital Atrium Reception or can be downloaded from the Trust website.

Email or post the completed form to the Health Records Department.  

Email address:

gwh.subjectaccess.requests@nhs.net 

Postal address:

Health Records Supervisor (Support Services)

Great Western Hospital

Marlborough Road

Swindon

SN3 6BB 

We will contact you to arrange a viewing appointment or collection of copy records. When collecting your records please ensure you bring some photo identification. 

For further enquiries concerning access to your health records, please contact the health records department on 01793 604699.

Report a problem with this web page

Please contact us at gwh.webmaster@nhs.net and we'll put it right.

Translate this page: