Skip to main content

Do I have the right to know who has accessed my medical records?

Do I have the right to know who has accessed my medical records?

Find Help

More Items From Ergsy search


Right to Know Who Accessed Medical Records

Understanding Your Rights

In the UK, the confidentiality of your medical records is protected by law. The General Data Protection Regulation (GDPR) ensures that your personal data is handled with care.

You have the right to know how your data is used and who has accessed it. This is part of the broader right to privacy patients hold within the healthcare system.

Access to Medical Records

Medical records are maintained for your health care and treatment. Healthcare providers must follow strict protocols when accessing your information.

Only authorised personnel should access your records, typically for reasons related to your care or treatment. Understanding who these personnel are is crucial for maintaining your privacy.

Requesting Information

You can request to see your medical records, including knowing who has viewed them. This process is facilitated through what's known as a 'Subject Access Request'.

The NHS and private healthcare providers are obliged to respond to such requests. They must provide access to your records within one month of the request.

How to Make a Request

To find out who accessed your medical records, you need to contact the healthcare organisation responsible for them. This could be your GP surgery or hospital trust.

Requests are typically made in writing, specifying the information you seek. You may be asked for proof of identity to ensure your data is shared securely.

Potential Outcomes

Once processed, you will receive a report detailing who accessed your records. The report includes reasons for access, ensuring transparency.

If you notice unauthorised access, you have the right to raise a complaint. This can be followed up with the healthcare provider or escalated to the Information Commissioner's Office (ICO).

Maintaining Trust and Security

Knowing who views your medical records helps maintain trust in the healthcare system. It reassures patients that their sensitive information is handled appropriately.

Healthcare providers are continuously audited to ensure compliance with data protection laws. This auditing forms a part of the NHS's commitment to safeguarding patient information.

Frequently Asked Questions

Do I have the right to know who has accessed my medical records?

Yes, under regulations like HIPAA in the U.S., patients have the right to request an accounting of disclosures, which includes who accessed their medical records and when.

How can I find out who accessed my medical records?

You can request an accounting of disclosures from your healthcare provider or the entity maintaining your records, which will list who has accessed your records.

What is an accounting of disclosures?

An accounting of disclosures is a record that shows who has accessed your medical records and why, as required under HIPAA law in the U.S.

Are there any exceptions to knowing who accessed my medical records?

Yes, certain accesses may not require notification, such as those for treatment, payment, or healthcare operations, but significant disclosures or access by external entities are typically reported.

How often can I request an accounting of disclosures?

Under HIPAA, you are entitled to one free request in a 12-month period; additional requests may incur a reasonable fee.

What information will an accounting of disclosures include?

It includes the date of access, the entity or person who accessed the records, and the reason for access.

Who can access my medical records without my permission?

Healthcare providers involved in your care, billing, or healthcare operations can access your records without explicit permission, but they must comply with privacy laws.

Can family members access my medical records?

Generally not without your consent, unless you have provided specific authorization or in emergencies where disclosure is deemed necessary.

What should I do if I find unauthorized access to my medical records?

You should report the incident to the healthcare provider's privacy office and, if necessary, file a complaint with the Department of Health and Human Services in the U.S. or the equivalent authority in your country.

How long does it take to receive an accounting of disclosures?

Typically, healthcare providers must provide an accounting of disclosures within 60 days of a request, with a possible 30-day extension under certain circumstances.

Does an accounting of disclosures show every access to my medical records?

Not every access will be included. Routine accesses for treatment, payment, and healthcare operations are typically not listed, but significant disclosures are.

Can I limit who accesses my medical records?

You can request restrictions on certain uses or disclosures of your medical records, but not all requests can be enforced under current laws.

What laws protect my right to know about access to my medical records?

In the U.S., the Health Insurance Portability and Accountability Act (HIPAA) provides rights related to access and disclosure of medical records.

Are electronic medical records more vulnerable to unauthorized access?

While electronic records offer numerous benefits, including easier access for authorized purposes, they can be vulnerable to breaches without proper security measures.

Can I receive a copy of my medical records?

Yes, you can request a copy of your medical records, and the healthcare provider is required to provide it, typically within 30 days of the request.

What penalties exist for unauthorized access to medical records?

Unauthorized access can result in penalties for entities, including fines or other sanctions, especially if it violates HIPAA regulations.

How do I lodge a complaint about unauthorized access to my records?

You can file a complaint with your healthcare provider or directly with the Office for Civil Rights under the Department of Health and Human Services in the U.S.

Can I find out if my medical information was part of a data breach?

Covered entities must notify you if your information is compromised in a data breach affecting your privacy or security.

What other rights do I have regarding my medical records?

You have the right to access, correct, and receive an accounting of disclosures regarding your medical records under regulations like HIPAA.

How does HIPAA protect my health information?

HIPAA establishes standards for protecting sensitive patient information, ensuring that disclosures of such information are limited and accounted for.

Useful Links

Useful Links : Do I have the right to know who has accessed my medical records?
Your health records

NHS information on how personal data, including health records, are used.
Can I access my medical records? (NHS)

NHS guide on how to access your own medical records.
How the NHS handles your data

Information about how your data is handled by the NHS.
Access to health records

Details on accessing health records within the NHS framework.
The Patients Association: Accessing your health records

Guidelines from the Patients Association on accessing your health records.
Your information and NHS health records

NHS Inform page about how your health records are handled in Scotland.
Understanding medical records and your rights

Mind charity information on understanding your medical records and your rights.
Handling and accessing medical records

Information Commissioner's Office guide on how medical records are handled and accessed.
Important Information On Using This Service


This website offers general information and is not a substitute for professional advice. Always seek guidance from qualified professionals. If you have any medical concerns or need urgent help, contact a healthcare professional or emergency services immediately.

  • Ergsy carfully checks the information in the videos we provide here.
  • Videos shown by Youtube after a video has completed, have NOT been reviewed by ERGSY.
  • To view, click the arrow in centre of video.
Using Subtitles and Closed Captions
  • Most of the videos you find here will have subtitles and/or closed captions available.
  • You may need to turn these on, and choose your preferred language.
Turn Captions On or Off
  • Go to the video you'd like to watch.
  • If closed captions (CC) are available, settings will be visible on the bottom right of the video player.
  • To turn on Captions, click settings .
  • To turn off Captions, click settings again.

More Items From Ergsy search