You are here:

Your records

About health records

Health records play an important role in modern healthcare. They have two main functions, which are described as either primary or secondary.  

Primary function of health records

The primary function of healthcare records is to record important clinical information, which may need to be accessed by the healthcare professionals involved in your care.

Information contained in health records includes:

  • the treatments you have received
  • whether you have any allergies 
  • whether you're currently taking medication
  • whether you have previously had any adverse reactions to certain medications 
  • whether you have any chronic (long-lasting) health conditions, such as diabetes or asthma
  • the results of any health tests you have had, such as blood pressure tests 
  • any lifestyle information that may be clinically relevant, such as whether you smoke
  • personal information, such as your age and address  

Secondary function of health records

Health records can be used to improve public health and the services provided by the NHS, such as treatments for cancer or diabetes. Health records can also be used:

  • to determine how well a particular hospital or specialist unit is performing 
  • to track the spread of, or risk factors for, a particular disease (epidemiology) 
  • in clinical research, to determine whether certain treatments are more effective than others

When health records are used in this way, your personal details are not given to the people who are carrying out the research. Only the relevant clinical data is given for example, the number of people who were admitted to hospital every year due to a heart attack. 


Types of health record

Health records take many forms and can be on paper or electronic. Different types of health record include:

  • consultation notes, which your GP takes during an appointment 
  • hospital admission records, including the reason you were admitted to hospital
  • the treatment you will receive and any other relevant clinical and personal information
  • hospital discharge records, which will include the results of treatment and whether any follow-up appointments or care are required
  • test results 
  • X-rays 
  • photographs 
  • image slides, such as those produced by a magnetic resonance imaging (MRI) or computerised tomography (CT) scanner  


Confidentiality of your health records

There are strict laws and regulations to ensure that your health records are kept confidential and can only be accessed by health professionals directly involved in your care.

There are a number of different laws that relate to health records. The two most important laws are:

  • Data Protection Act (1998)
  • Human Rights Act (1998)

Under the terms of the Data Protection Act (1998), organisations such as the NHS must ensure that any personal information it gathers in the course of its work is:

  • only used for the stated purpose of gathering the information (which in this case would be to ensure that you receive a good standard of healthcare)
  • kept secure

It is a criminal offence to breach the Data Protection Act (1998), and doing so can result in imprisonment.

The Human Rights Act (1998) also states that everyone has the right to have their private life respected. This includes the right to keep your health records confidential. 


Important changes to your health records

The NHS is currently making some important changes to how it will store and use health records over the next few years. Visit the Summary Care Records page for more information.



The 7 comments posted are personal views. Any information they give has not been checked and may not be accurate.

Eve Olv said on 06 December 2014

The Police and Immigration service also have access to this data via the National Back Office service - search NBO on the HSCIC website for details of the volume of releases to government agencies (but no details are available for the reasons). No patient consent is ever given for these releases.

Report this content as offensive or unsuitable

Ocra Bride said on 08 June 2014

Secondary function of health records is wide ranging and is not detailed enough in this article. It could include permissions for information collected direct from the GP surgery and without explicit consent. For example, The Department of Work and Pensions (DWP) could link health research to getting back to work and seek records for this research. The article also avoids setting out when information will be shared without consent and detail all the instances already in place under statute law, such as cancer registers. Some opt outs are available currently although most have no weight of law behind them they are simply allowed currently by the Secretary of State. Many vulnerable and not so vulnerable patients do not provide all information to their health care provider in fear of the data being taken, copied and used without consent. The protections are too weak and the NHS should empower all patients to have full control of their information and seek consent to share.

Report this content as offensive or unsuitable

iaintw said on 03 March 2014

If the gp is closed you have to go to hospital GP services and walk in centres and the reception asked you your name, address and your doctor surgey notes to their gp services so the doctor will have a look at your summary of your health. which tablets or meds that the doctor they presible to you

Report this content as offensive or unsuitable

Brian Steedman said on 21 February 2014

In common with a great many other people, I am entirely opposed to the creeping privatisation of the National Health Service. Every day a service provided by a public body is replaced by a serviced operated by a private company for profit.

Profit, if generated within a public health service goes back into the system and promotes its growth. Private systems generate profit for shareholders at the expense of patients and workers within the service. Wages in private set-ups are reduced to enhance profits, especially in the case of low paid workers.

If public health services are unsuccessful or unacceptable this is because government neither funds or organises it effectively.

I will not, therefore hand my private records to a service which will make them available to private companies enabling them to bid to undercut public services. This situation can be changed by the government agreeing not to make such data available to private companies. It would also help if they could actually be honest about what they are doing, but why would any Tory want to be honest?

I believe that a majority of people in Britain do not want private health companies to take over the running of our National Health Service.

Report this content as offensive or unsuitable

eurisko said on 15 February 2014

I have worked for the NHS and have been party to many breaches by a variety of Trusts over the years that causes me total reservation over this course of action. I, personally, have opted out as my GP and I agree that the existing system before implementation of computerisation has assisted personal care in hospital over the years well.

I read that the data will be anonymised with a DoB and address and I fail to see this as anonymised data. If the database is breached in anyway any company can cross-reference this information against the electoral roll (which is sold by councils) to make a pretty good determination of who the person(s) is/are.

With GCHQ and NSA intrusion the willingness of people walking straight into a risk of their personal data being lost - accidentally or maliciously is too great. If this data ever escapes into the wild, insurance companies will be able to access it and transparently or not could risk assess policies against it. Additionally where DNA information is included this could impact on future generations as their lineage and therefore previous family illnesses will be traceable.

This intrusion into personal privacy with very little publicity (the letter sent to everyone in England could easily be classed as junk mail). You also don't provide an online opt-out so kit requires a personal vista or posted letter to the GP in order to do so. You have made it difficult to say no and haven't publicised it very well.

Also it's reported that this information will be made available to selected 3rd parties. This increases the risk profile at the data being insecure.

This is a terrible idea and until there are satisfactory technical solutions that will prevent data being lost, it is far too soon to be doing this. In fact it could be the biggest error in judgment ever made.

Report this content as offensive or unsuitable

Goldilocks said on 19 January 2014

I think this is a marvellous idea and know only too well the problems not being able to access a patients note can cause My mother was very ill with cancer and it was a nightmare gaining access to her long term illness changing areas and staff changes in August, It was a stressful and very traumatic experience for all concerned.

Report this content as offensive or unsuitable

Don in Winch said on 17 September 2013

Today, 16th September 2014, I received a letter and leaflet (47016 English September 2012) introducing me to the 'fact' that NHS Summary Care Records will be put in place (for me) in the next 12 months.

Since my medical records contain incorrect information (established by my asking for a copy), I am concerned to see whatever records are produced and retained concerning me.

I cannot find any reference in the recent communication concerning access to 'my' information - which surely must be available - ref: Freedom of Information Act.

So, I followed the links for 'Where can I get more information', detailed in the leaflet - which I am told to keep for reference, with the following rather disturbing results . . . (see below)

'PALS online is no longer operational

This site’s content was provided by the efforts of unpaid contributors....'

'NHS Connecting for Health ceased to exist on 31st March 2013. This website is therefore not being updated. For up to date information about systems and services visit the Health and Social Care Information Centre website'

Will up to date information ever be distributed?
Will Freedom of Information be respected?

Report this content as offensive or unsuitable

Page last reviewed: 03/01/2013

Next review due: 31/03/2015

Sharing your data

Sharing some of your personal information, such as your postcode or NHS number, could help the NHS provide better services

Keeping your online health and social care records safe and secure

Guidance is available to help you understand what an electronic health and care record is, how you can access it, who you may want to share it with and how to perform these actions securely. This guidance was created by the Department of Health, working in collaboration with BCS, the Chartered Institute of IT, in 2013.

Download the patient guidance booklets:

Accessing medical records

If you want to view your health records, you may not need to make a formal application. Find out what you have to do

What is the NHS Number?

Everyone registered with the NHS in England has their own unique NHS Number. Find out what the NHS Number does for you.

The NHS Constitution

The Constitution sets out the rights patients, the public and staff are entitled to, and pledges the NHS is committed to achieving