Legal risk over Care Records
In your article 'Code warning over care record' (News, 18 January) you make the point that entering the 93C3 Read Code in a patient's records may not stop any future uploading to the spine.
There is a further but more critical point that should be brought to the attention of all GPs.
If a patient requests that no data should be uploaded then the GP is legally bound by the Data Protection Act to adhere to that request: the GP is the data controller and they will have had a competent instruction from the data subject (the patient).
This requirement must be adhered to no matter what the upload process. It follows that if the GP has entered a 93C3 code in the patient's records to attest and document the request, he would have no defence whatsoever if the records were subsequently uploaded.
Whether or not the upload blocking technology works with the 93C3 code, those records must not be uploaded unless and until the patient changes their mind.
This view has been confirmed by the GPC lawyer. It is with this in mind that I am hopeful that GP systems suppliers will be implementing a '93C3 block' that operates independently of any CfH specified process.
Dr Paul Cundy, co-chair of joint IT committee, GPC/RCGP