BMA calls for GP control over patient data

The British Medical Association (BMA) has urged policymakers to ensure that GPs retain control over patient data within the proposed NHS single patient record (SPR), intensifying debate over how health information should be governed in England’s future digital infrastructure. The intervention comes as plans for a nationwide SPR, designed to integrate patient data across primary care, hospitals and mental health services continue to take shape under the NHS’s long-term strategy. The system is expected to be rolled out by 2028, providing clinicians with a unified view of patient records across care settings.

However, the BMA has warned that removing GPs from their traditional role as data controllers risks undermining patient trust and clinical accountability. GP leaders argue that family doctors, who hold the most comprehensive and longitudinal patient records, are best placed to safeguard sensitive health information and act in patients’ interests. Dr Mark Coley, IT lead for the BMA’s GP Committee for England, has stated that retaining control would allow GPs to “advocate for patients” and ensure confidentiality is maintained in any data-sharing arrangements.

Government plans shift control to central bodies

Current proposals suggest that responsibility for the SPR will sit with NHS England or the Department of Health and Social Care (DHSC), rather than individual GP practices. Meeting minutes from NHS England’s Data, Digital and Technology Committee indicate that a centralised data controller model has already been agreed in principle.

Officials argue that because the SPR will combine data from multiple services,  including primary, secondary and social care, it would not be appropriate for GPs alone to act as data controllers. Instead, the NHS would take on the role of custodian, with patients expected to have a degree of ownership over their own records. The move reflects a broader shift towards system-wide data integration, with the SPR envisioned as a “single version of the truth” that can support clinical decision-making, service planning and research. Yet critics warn that centralisation could dilute professional oversight and introduce new risks around how data is accessed and used.

Privacy concerns and political tensions

The debate has also drawn in privacy campaigners, including medConfidential, who have raised concerns about the potential for increased political or commercial influence over patient data if control shifts away from clinicians. Campaigners argue that centralised control could weaken existing safeguards, particularly if patients’ preferences,  such as opting out of data sharing which are not consistently respected.

The issue is unfolding against a backdrop of wider tensions between the government and GP representatives. The BMA has already signalled the possibility of collective action related to patient data sharing, highlighting the depth of concern within the profession. These disputes are further complicated by ongoing changes to GP contracts and increasing pressures on primary care services, raising questions about how new digital responsibilities will be managed in practice.

Balancing interoperability with trust

At the heart of the debate is a fundamental challenge facing the NHS: how to balance the benefits of integrated data with the need to maintain patient trust and confidentiality. Proponents of the SPR argue that improved data sharing could transform care delivery, enabling clinicians to access complete patient histories, reduce duplication and support earlier diagnosis. International examples suggest that integrated records can improve coordination and outcomes when implemented effectively.

However, the UK’s experience with previous national data initiatives, including controversies around summary care records and data sharing schemes, underscores the importance of transparency and consent. GP records are particularly sensitive, often containing detailed information accumulated over a patient’s lifetime. Under current guidance, these records must be retained for the duration of a patient’s life and beyond, reinforcing the responsibility placed on primary care providers as custodians of this data.

A defining moment for NHS digital strategy

The outcome of the SPR governance debate could have far-reaching implications for the NHS’s digital future. If GPs retain a central role in data control, the model may prioritise clinical oversight and patient trust, but could complicate efforts to create a fully integrated system. Conversely, a centralised approach may accelerate interoperability and innovation, but risks alienating clinicians and raising public concerns about data use.

As development of the SPR continues in its “test and learn” phase, policymakers face a delicate balancing act. Ensuring that the system delivers both technological benefits and public confidence will be critical to its long-term success. For now, the BMA’s intervention highlights a key reality: the future of NHS data is not just a technical challenge, but a question of governance, trust and professional responsibility.

‍