This page describes the data processing involved in Accurx’s Record View feature, the relationships between the organisations involved in using it, and what happens when a GP practice enables the feature. It’s designed to provide you with a comprehensive description of what’s involved when you switch on Record View for your practice, and is therefore slightly technical in nature. For a quick overview of the feature and who can use it, visit Accurx Record View.
This page should be read in conjunction with the accurx Data Processing Agreement (the “Agreement”). Capitalised terms in this appendix shall take their meaning from the Agreement, unless otherwise defined herein. You may also want to read our Record View DPIA template.
Accurx’s GP Record View product ("Record View") enables GPs to easily and securely let health and social care professionals providing direct care to a patient ("Health and Care Professionals") view that patient’s GP Medical Record (the “Record”).
Record View will only be available for a GP practice’s patient records if that GP practice enables Record View functionality. When Record View is enabled, Health and Care Professionals can use their Accurx Web accounts to securely view the patient’s Record, only when they have received explicit patient permission from the patient.
Health and Care Professionals request to view the Record through Accurx Web. The patient will confirm permission by providing a unique code sent to them by SMS (using the number registered on the NHS Personal Demographic Service ("PDS")). If the Health and Care Professional enters the code provided by the patient, they will receive a 24-hour, read-only, view of the patient’s Record.
If the patient chooses not to give them the code, the view will not be provided.
The roles of the different systems, individuals and organisations involved in using Record View are set out below.
These are the systems the data in Record View (presented as View-only) is drawn from. It's also data for which the GP practice acts as the Data Controller.
Enables Record View functionality and in doing so instructs Accurx to permit Health and Care Professionals to view the Record when security conditions are met.
Grants access to their Record by providing a code for 2-factor authentication.
Delivering direct care to the patient and seeking to view the Record for that purpose
The organisation that employs the Health and Care Professional at the time they request to view the Record. This organisation becomes a separate data controller (“Secondary Data Controller”) for the information its employee obtained through Record View. Accurx continues to act as its Data Processor for the time-limited Record View period
Instructed by the GP practice (Primary Data Controller) to provide a time-limited view of the Record when security conditions are fulfilled
Record View will provide Health and Care Professionals with the information from the Record they need to effectively treat patients.
This includes:
Information not necessary for this purpose is excluded from Record View:
Health and Care Professionals search for patients and request to view their Record in the Accurx Web platform through the following steps:
Record View shares GP Medical Records on a time-limited, ad hoc basis, with patient permission provided each time, not continually.
Healthcare Organisations access Record View on the basis of the Agreement, the details on this page, and our Terms and Conditions.
Record View ensures security through multiple safeguards:
All data processed from the Record is encrypted in transit via HTTPS and encrypted at rest via Transparent Data Encryption in Accurx's secure cloud servers for up to 7 days only.
When a Record is successfully requested, Accurx retrieves the record from the GP system in the background, to prepare it for prompt viewing. However, the view of the record is only provided when the code is entered. If the permission code is not provided after a minimum time period, the record is securely deleted.
The only data stored after a request is metadata to provide the audit trail for GPs. The contents of the Record are always securely deleted.
Health and Care Professionals’ use of Record View is subject to the following conditions (collectively, “Use Conditions”):
The information provided in Record View from the GP Medical Record is provided on an “as is” basis. Accurx is not responsible for this information and expressly disclaims any liability arising from use of or reliance on such information.
If the Health and Care Professional breaches the Use Conditions, this shall constitute a breach of the Agreement and the Accurx Terms and Conditions by the Health and Care Professional and Secondary Data Controller.
Accurx is not responsible for any misuse of Record View.
Record View includes an audit function for GPs to oversee all requests for their patients Records by Health and Care Professionals. GPs can access this log through the “Manage my Practice” section of the Accurx desktop platform.
The audit function shows the name of the Health and Care Professional requesting to view the Record, the time the request was made, the identity of the Secondary Data Controller and whether the request was successfully authorised.
By using Record View, the Health and Care Professional (on behalf of themselves and the Secondary Data Controller) agrees to this information being provided to the patient’s GP and the Primary Data Controller.
Should any GP identify potential misuse of Record View by a Health and Care Professional, they shall notify Accurx. Upon receiving notification of misuse, accuRx will investigate the issue and notify the reported Health and Care Professional.
If misuse reports are received for a Health and Care Professional or Secondary Data Controller, Accurx reserves the right to take enforcement action, at its full discretion, including disabling Record View for the individual Health and Care Professional or the Secondary Data Controller.
Accurx will report any evidence of serious and frequent misuse to relevant authorities and regulators as required.
Accurx is aware that Data Controllers must uphold data subjects' right to rectification under the UK GDPR. If Accurx is notified directly of any inaccuracy in a Record shown in Record View, and it confirms the inaccuracy is not as a result of a technical error, it shall advise the patient or the Health and Care Professional involved in their care that this should be directed to the GP, and will offer reasonable assistance to them in doing so.