General Practitioners (GPs) are custodians of the data held in their practices and have a key role in ensuring that public confidence is maintained.
This need for confidence goes far beyond just getting the right level of data security and privacy. When a patient registers with a GP and seeks healthcare, there is the normal expectation that health data will be shared with appropriate organisations in order to provide direct care. Issues of trust and consent for sharing for direct care are already addressed by policy and professional guidance, e.g. NHS Scotland Code on Patient Confidentiality and Access Framework governing for staff.
Guidance published by the General Medical Council states:
SPIRE has committed to safeguard the confidentiality of information in patients' records.
General Practices will be able to decide which aspects of SPIRE they wish to participate in and patients will be able to opt out as individuals if they choose. The pages in this section provide a guide on the safeguards implemented in SPIRE; more details are available in our FAQs.