§ Ms HarmanTo ask the Secretary of State for Health what plans he has to investigate the extent of access to patients' medical records, computer and written, in hospitals and general practice by non-authorised persons. [3766]
§ Mr. HoramProtection of medical records is the responsibility of the organisation which holds them. Breach of confidentiality is a disciplinary matter. Guidance has been issued to national health service organisations drawing their attention to the laws which protect patient confidentiality, the most recent being, for computer records, the NHS top level security policy 1992. Further guidance affecting both computer and manual records is to be published shortly.