blmc home
contact us
Useful Links
email us
Web design by
Stephen French


Use of Data Protection Act (SARS)

Further to the message below circulated by the LMC last week, the BMA/GPC has now produced its own guidance on this matter. Please also note the additional guidance note on the issue of electronic patient consent.


Numerous practices have concerns that certain insurance companies are inappropriately and increasingly using Data Protection Act Subject Access Requests (SARS) to obtain copies of entire medical records rather than the usual personal medical attendant reports. The LMC has issued previous advice on this matter and the BMA has brought it to the attention of the Information Commissioners Office (ICO).

Please find attached a letter from the ICO to the Association of British Insurers. The contents of this letter are quite unequivocal- such requests are wholly inappropriate and breach patients’ rights.

Therefore if you receive any further requests from insurance companies to release information by means of SARs please refuse and share the ICO’s letter with the insurance company. Please also advise the LMC of any further abuses so that the matter can be taken up nationally.

Click here to download the document "Focus on Subject Access Requests for insurance purposes".


News Archive

Select from the drop-down list below to view an item from our news archives.