Allow patients access to and ownership of their own electronic patient
records; to require medical professionals to maintain and share electronic
patient records as part of individual care plans; and for connected purposes.
Be it enacted by the Queen’s most Excellent Majesty, by and with the advice and
consent of the Lords Spiritual and Temporal, and Commons, in this present
Parliament assembled, and by the authority of the same, as follows:—
(1) This section sets out the three patient data principles.
(2) The Ownership Principle is that patients own their medical data.
The Control Principle is that patients have the right to access their medical data
and to control its use (including the right to share it for research or other
The Maintenance Principle is that healthcare professionals have a duty to
maintain an effective whole-of-life record for each patient across the entire
(5) In this Act—
(a) “patient” includes any person who has accessed medical services;
“medical services” includes health services of any kind (including
mental health services and care services), whether provided by a
general practitioner, in a hospital, in a care home, or in some other way;
“medical data” means all records and information made or kept by a
person who provides medical services to a patient, in respect of that
patient and those services;
“healthcare professionals” includes doctors, nurses, care-workers and
any other professional who has responsibility for the provision or
administration of medical services or for the compiling or maintenance
of medical data.
Electronic Patient Records (Continuity of Care) BillPage 2
The Secretary of State must make regulations (“Patient Data Regulations”)
designed to implement the patient data principles.
(2) In particular, Patient Data Regulations must—
provide a general right of ownership by patients of their medical data,
and specify the practical implications of that right for healthcare
(b) provide a general right for patients of access to their medical data;
provide for the establishment in respect of each patient a single
consolidated record of every health event in respect of which the
patient has received medical services.
(3) Patient Data Regulations must ensure that, in particular—
hospitals and other providers of health services may not make charges
for access by patients to their own medical data;
medical data is recorded and maintained by reference to a single
identifying code that remains with each patient throughout his or her
healthcare professionals are required to have regard to the patient data
principles in the performance of their functions.
(4) Patient Data Regulations—
may confer functions (including discretionary functions) on healthcare
(b) may amend enactments.
(5) Patient Data Regulations
(a) shall be made by statutory instrument;
may not be made unless a draft has been laid before and approved by
resolution of each House of Parliament;
may include supplementary, incidental, transitional and consequential
(1) This Act comes into force on Royal Assent.
This Act extends only to England and Wales, and applies in relation to England
This Act may be cited as the Electronic Patient Records (Continuity of Care) Act