Insurance companies use data protection loophole to slash GP fees by 90%
Exclusive Insurance companies are bypassing GPs' standard fees for writing medical reports and are requesting the whole patient record for as little as £10 each, by exploiting a loophole in data protection legislation.
Insurance companies are using the Data Protection Act to access their clients' full medical records from a practice, rather than pay the standard charge for a medical report of £97, after a decision by the Association of British Insurers (ABI) in February to rip up a deal over fees it reached with the BMA.
Under the Data Protection Act, GP practices are only allowed to charge a fee of £10, representing a 90% reduction in costs compared with the standard fee for a medical report, and with considerable extra burdens on the practice, which has to first redact sensitive medical information such as HIV or smoking status, that is unrelated to the insurance claim.
Pulse has learned that two unnamed insurance companies are using the Data Protection Act to access their clients' full medical records from a practice in Gloucestershire, and there are fears that this loophole could now be used more widely by insurers to reduce the fees they are charged by GPs, following the collapse of the agreement with the ABI.
Dr Philip Fielding, chair of Gloucestershire LMC, said: ‘We have told the practice to comply with the request while the dispute is investigated by the GPC, as we don't want anyone to fall foul of the Data Protection Act.'
‘However, we are concerned that confidential information that is not strictly requested will pass into the public domain. The GP would still need to read and edit the full patient record.'
‘To comply with this demand also risks giving the insurance company information that might be held against the patient. It tips the odds towards the insurers rather than the insuree when it comes to claims and settlements.'
The GPC has advised that if an insurer asks for the full medical record, it will first have to be sent to the patient for approval, along with a ‘briefing as to what the patient may wish to take out before sending it on to the insurance company.'
GPC advice sent to LMCs about the issue, says: ‘The point is that the DPA only entitles the data subject to have access, not anyone else. Although a lawyer is the patient's representative when instructed by the patient, this is certainly not the case with an insurance company.'
The BMA is seeking legal advice on the ABI's decision to scrap the deal on fees as it argues that the agreement is in the public interest.
Dr John Canning, Chair of the BMA's Professional Fees Committee told Pulse: ‘The BMA is aware that there are difficulties emerging with the current arrangements for insurance fees. We are raising these issues with the ABI directly.'
A spokesperson for ABI said: ‘The issue of accessing medical records is a matter for individual insurers and their customers.
‘All insurance companies are bound to comply with data protection legislation and it is for individual insurers to determine the appropriate ways that customers can provide their medical information.'
Let the company and your patient know that the company is not allowed to see the whole report, but that if they insist on their current approach then:
• The practice needs to be paid the DPA fee up front.
• The practice will have to send the report (subject to the usualexclusions) to the patient, with abriefing as to what the patient maywish to take out before sending it onto the insurance company.
• The practice cannot guarantee that the notes will arrive in the company'spossession in the same state thatthey left the surgery.
The point is that the Data Protection Act only entitles the data subject to have access, notanyone else. Although a lawyer is the patient's representative when instructedby the patient this is certainly not thecase with an insurance company.