Some patients find it helpful for a second person to have access to their online GP record. This is often a parent, family member, next of kin, close friend, carer or someone they trust to act on their behalf. This is called having proxy access. If you’re aged 16 or over, you can ask for someone to be your proxy for any reason. It does not stop you having access to your GP services yourself.
Please ask at reception for more information on how to set up proxy access.
Proxy Access Information Leaflet – Easy Read
If the patient does not have access to Online Services you will need to set this up first before being granted proxy access. You can also do this at the practice or by creating a NHS login.
A patient may choose to have more than one proxy, and each can have a different level of access.
Setting up Proxy Access can allow your representative to:
- book, check or cancel appointments with a GP, nurse or other healthcare professional
- order repeat prescriptions
- see communications between the GP and other services, such as hospital
- see parts of the health record, including information about medicines, vaccinations and test results
- Proxy Access requests are reviewed by a GP. If the GP has any concerns about providing Proxy Access to the second person the GP has a right to refuse to give your chosen person access.
Proxy Access using NHS App Account (Linked Profiles)
Linked profiles can be added to an individual’s NHS App allowing them proxy access, where appropriate consent is in place. Both you and the other person need to be patients at the same surgery.
Once access is set up, you can access the other person’s profile in your NHS account, using the NHS App or NHS website.
What Photo ID you need to prove who you are
Proxy Access using Patient Access
Access and manage another person’s online account using Patient Access. You and the other person can be patients at a different surgery.
How to register with Patient Access
– Come to the Surgery and provide photo ID so we can confirm your identity
– The receptionist will then issue you with: A Linkage key Practice ID Account ID
– Go to Patient Access and enter your registration details exactly as shown on the form.
– After registering, log on with your username and password.
Login to Patient Access
Login to Patient Access
You can also log in to your Patient Access account using the App
– Patient Access on the App Store
– Patient Access – Apps on Google Play
Having Problems with Patient Access?
Access Guidelines
You can only get online access to the GP services of a child aged under 16 if you are their parent or guardian with legal parental responsibility. Find out more about parental responsibility on GOV.UK.
Parents and guardians accessing information for children aged 0-10 years
We offer access for parents/guardians of children under the age of 11. This is for booking appointments and requesting medication only, not for viewing the medical record. Your access will be turned off automatically once the child is 11 years old. To gain access to a child’s information, you will need to attend reception with your ID and proof of parental responsibility (e.g. birth certificate).
Parental Identification and further information
– ID for you and the child, for example passports
– documents that help to prove you have parental responsibility, for example a birth certificate
– with anyone else that shares parental responsibility with you for safeguarding issues
– that the child consents to your access (agrees to it) or lacks capacity to consent, if they are aged 11 or over
You do not have to live at the same address as the child to have access.
You can have proxy access for more than 1 child, and a child can have more than 1 proxy acting on their behalf.
Parent and guardians accessing information for children aged 11-15 years
For children aged 11-15 years, access can be provided to parents/guardians for an agreed time frame. Parental/guardian access is not available for patients aged 16 and over, except for specific circumstances e.g. learning disability or a housebound patient. All proxy access requests for patients aged 15 years and under are reviewed by a clinician first.
Children’s rights, capacity and consent
Children aged 11 or over are usually considered to have the capacity to consent, or refuse access, unless for example they have a medical condition or learning disability that affects their understanding.
My child will not have capacity to make an informed decision
If you think your child will not be able to understand what it means to give you access to their online GP services, you can tell your GP surgery.
The GP surgery will give access based on the best interests of the child. This will usually mean having a parent or guardian acting on the child’s behalf.
When your online access will stop
Most GP surgeries also have an automatic cut-off age between 11 and 14, where online parent and guardian access is stopped to protect an older child’s confidentiality.
If your access stops, you can ask the GP surgery to restore it.
The surgery will check the child agrees to your access (consents) first.
Tell the surgery in advance if you think your child will not be able to understand what it means to give you access to their online GP services (called lacking capacity).
If you would like access to a record of someone aged 16 and over
When a young person is 16 years old, you may be able to access GP services on their behalf if they want you to be their proxy, or if they have a condition that means they cannot manage their health and care on their own.
If you are applying for access to a patient record who is aged 16 or over, you must attend reception with them. If the patient is able to give consent, both the patient and the person requesting access will need to provide photo ID. If the patient is unable to attend reception (e.g. housebound) or unable to consent (e.g. severe learning disability) then only ID from the person requesting access is required, not the patient.
Adults who cannot understand and agree to proxy access
To set up an online GP account for the person you care for, or to access an online account that they already have, you must be named as a ‘trusted person’ by the person and their GP. This is also known as ‘proxy access’.
To set up proxy access or become a trusted person, you will need the person’s consent. To give their informed consent, they must have the capacity to do so under the Mental Capacity Act. This means they must be able to:
- understand the information relevant to the decision
- retain that information for long enough to make a decision
- use or weigh up that information as part of the decision-making process
- communicate their decision to others
If the patient lacks capacity to decide on the level of access or are are unable to sign the form, please ask the GP or practice manager for advice.
The GP may ask to see the person alone before giving you online access as a trusted person. They may wish to ask whether there is any information in their medical file that they would like to be kept private.
The GP can decide not to give you access to any or all of the person’s online services if they feel it is not in their best interests.
The decision on whether to appoint you as a trusted person may take around two weeks, depending on how busy the GP is. It may be possible to make the decision more quickly if the need is urgent. If this is the case, ask to speak to the GP.
Access to online services with a lasting power of attorney
A lasting power of attorney (LPA) is a legal document that appoints a person (or persons) to make decisions on someone’s behalf if they are unable to do so themselves. There are two types of LPA: one for health and welfare, and another for property and financial affairs.
If you have been given lasting power of attorney for health and welfare please provide this to the practice along with the consent form and Photo ID. It is also helpful to register as a carer at the practice.
Being named as an attorney for health and welfare is not a guarantee that the GP will nominate you as a trusted person, so it is a good idea to talk to them about this as early as possible, preferably while the person has capacity to consent.
Deceased patients
Access to the records of a deceased patient is restricted to the personal representative of the deceased and to family members who might have a claim arising from the death of the deceased.
The duty of confidentiality remains after a service user has died. Under the Access to Health Records Act 1990, the personal representative of the deceased and people who may have a claim arising from the patient’s death are normally permitted access to the records.
The practice will usually require evidence that you are the personal representative i.e. executor of a Will, Letters of Administration, or that you have a claim arising out of the service user’s death. The Trust are required to consider
Identity verification
Before access to medical records and any online service is granted, patients will need to prove their identity to practice staff. This is to:
- Ensure patient confidentiality
- Provide secure access to personal, sensitive information
There are three acceptable ways of confirming patient identity:
1. Documentation
Most patients can prove their identity with documentation. Two forms of documentation should be provided as evidence of identity, and one should contain a photo. Acceptable documents include valid passports, photo driving licences and bank statements (issued within the last 3 months).
A full list of acceptable documents is published by the Cabinet Office. You can also verify your ID when using the NHS login.
Acceptable forms of Identification
– a birth or adoption certificate
– an older person’s bus pass
– an education certificate from a regulated and recognised educational institution (such as an NVQ, SQA, GCSE, A level or degree certificate)
– a rental or purchase agreement for a residential property
– a proof of age card recognised under the Proof of Age Standards Scheme (PASS)
– a Freedom Pass
– a marriage or civil partnership certificate
– a gas or electric account
– a firearm certificate
– a ‘high’ or‘substantial’ electronic identity’ from a notified eIDAS scheme
– passports that meet the International Civil Aviation Organisation (ICAO) specifications for machine-readable travel documents, such as a South African passport
– identity cards from an EU or European Economic Area (EEA) country that follow the Council Regulation (EC) No 2252/2004 standards
– UK photocard driving licences
– EU or EEA driving licences that follow the European Directive 2006/126/EC
– a Northern Ireland electoral identity card
– a US passport card
– a bank, building society or credit union current account (which the claimed identity can show by giving you a bank card)
– a student loan account
– a credit account
– a mortgage account (including buy to let mortgage accounts)
– a digital tachograph driver smart card
– an armed forces identity card
– a proof of age card recognised under PASS with a unique reference number
– a loan account (including hire purchase accounts)
2. Personal vouching
Practice staff can personally vouch for a patient they know. They must be confident of the identity of the patient. The name of the person vouching for an applicant’s identity, the method used, and date should be recorded in the patient record.
3. Vouching with confirmation of information held in the patient record
If a patient is registered with the practice but not known personally to any staff, it is acceptable to confirm the patient’s ID using additional security information.
This should be information taken from a patient’s record, such as current medication, date of any recent hospital visit or procedure, full names of any other inhabitants at that address, etc.
Data Protection
Protecting your data is important to us. We will only give out login details if we can verify your identity. This is why we require to see photographic ID; if you do not have this we will try to verify your identity another way, please bring any documentation that you have.
If you are unable to protect your login details from someone else and worry that someone else may be able to access your record against your will, then please do not apply for online access or please contact us and we can remove your access.
More information about Information Governance in our Privacy Notice.
Troubleshooting
If you forget your login details
If you lose or forget your login details, go to the website and click the ‘forgotten details’ button, then follow the instructions.
If you have already registered for online access but are having problems, please call the surgery or submit an admin query and this will be passed to our administrative team to contact you to try to resolve this.
Correcting Your Record
We always strive to ensure accurate medical records are kept. If when you read your record you notice a significant error please submit an admin query and we will review this.
Medical records will contain a lot of technical information and often abbreviations. You may wish to consult the NHS Website to understand any terms better.
If you request Summary Care record access you will be able to see details from the date you registered going forward. Any diagnosis made before that time will not be visible online unless you specify details in the request.