The NHS IT agency believes measures to protect patient data strike the right balance between allowing rapid access where appropriate and security, but some GPs remain unconvinced.
Under the system, GPs or consultants will be able to override access restrictions put in place by patients by claiming they have a 'legitimate relationship', and that the patient has allowed access.
A separate mechanism also al-lows clinicians access to records if they claim this is 'in the public interest', or under a court order.
An audit trail and alerts should be triggered if clinicians inappropriately access records, but there is no mechanism to prevent this.
Connecting for Health GP clinical lead Dr Gillian Braunold admitted that it would be possible for a GP to falsely register a patient and then access their data inappropriately 'within a few minutes'.
But she said: 'How difficult do you want it to be to register some-one and access their data? If a patient comes through the door you want to be able to do it fast.'
Dr Braunold added that alerts would be triggered that could be followed up if a clinician's use of the system was odd.
She also pointed out that not all smartcards for use with the IT system allow full access to records. Cards issued to receptionists, for example, do not allow them to view clinical information.
But joint GPC and RCGP IT committee chairman Dr Paul Cundy said clinicians would be able to breach the rules with impunity because 'billions' of alerts would be created, making it impossible to follow them up.
'The whole thing is loose. I'm advising patients it's not necessary for their care,' he said.
GPC negotiator Dr Richard Vautrey said the system would have to rely on trusting that clinicians would only view appropriate records.
He said making it clear that inappropriate access to records was 'a GMC matter' would act as a strong deterrent to abuse.
Patients will first choose whether or not to have a summary record created (see box above). They will also be able to access their data via the Health Space website where access will be protected by a complicated password system.
- Patient chooses whether to have a record.
- If they choose not to, a blank record is uploaded to the NHS spine with demo-graphic data only.
- If they have a record, they must choose whether it should be open to all relevant clinicians or restricted.