Patients in the Isle of Man have been accessing their medical records online via EMIS Patient Access for almost five years – and can now also view those records securely through the NHS App.
As healthcare continues to be transformed through technology and digital innovation, the terms under which patient data is held and processed need to be updated and refreshed, to ensure the overriding principles of data privacy and security continue to be upheld.
The rollout of the EMIS Patient Access app in 2016 meant for the first time, Isle of Man patients could view their records, consultations, test results and other information held securely by their GP online. The app also offers patients a convenient way to contact their local practice, to book appointments and request prescription medicines, from their home computer or mobile device.
To enable this development, Isle of Man patient data is held on behalf of GPs in the secure EMIS datacentre in the UK, a system fully compliant with data protection and privacy legislation. As owners of the patient record, GPs remain in control of access to their patients’ data, underpinned by agreements within their practices. Patients are informed their data is not shared with anyone in the UK.
The advent of the NHS App has offered UK and Isle of Man residents a direct route to view their health records, as the App connects securely to their patient data held on EMIS, in the same way as EMIS Patient Access. Importantly, if a patient does not wish to use the NHS app then no data is available.
The App is also a neutral portal for Manx patients to access other applications offering a range of advice and information to promote health and wellbeing.
Island residents who have registered for the NHS App through high level authentication and explicit agreement to the terms of its operation, have been able to view their medical records, and for some people this has been unexpected. However, the Department of Health and Social Care and Manx Care can confirm that no additional sharing of data has been involved and patient data is protected, private and secure as it always has been, in line with the original commitments made.
The DHSC and Manx Care acknowledge that the public were not informed that the NHS App would be able to view patients’ health records, nor of the governance arrangements which allow for this.
It is the responsibility of the data controller, in this case GPs and Manx Care to let people know how their data is held or processed. With regard to the patient record, this responsibility passed from the Department of Health and Social Care to Manx Care in April this year.
Patient information is held securely on a patient administration system when they register with a GP for NHS services. Isle of Man patients are reassured that their data has not been shared with any third parties and that information which can be seen on the NHS App is only that held in EMIS, the accredited and quality assured system used to host millions of GP records.