The British Medical Association (BMA) has called for doctors to remain in control of GP data in the single patient record data, rather than the Department of Health and Social Care (DHSC).
Under the NHS 10 year health plan, a single patient record is planned to bring together information across care settings including primary care, hospitals and mental health services in England by 2028.
Minutes from an NHS England Data, Digital and Technology Committee meeting held in May 2025, obtained via a Freedom of Information request by the campaign group MedConfidential, confirm that NHSE, which will have been merged into DHSC, will take on the data controller role for the SPR.
“It was accepted that an appropriate data controller for SPR is necessary, which will require a review of the legislative framework; given SPR will be a multi-service record it would not be appropriate for GPs to act as the data controller.
‘It was agreed that while the NHS will be the data controller/custodian, patients would expect to own their records: how this can be achieved requires further thought,” the minutes state.
However GP leaders have pushed back against the proposals and argued that doctors should remain in control of GP data.
Dr Mark Coley, BMA’s GP Committee for England IT lead, said: “While we welcome future discussions on the SPR, it is still the BMA’s view that GPs themselves must remain the data controller of the GP record.
“This data controllership role would allow us to act for the best interests of our patients, to advocate for them in any data sharing processes, to maintain confidentiality and, ultimately, to ensure we have the trust of our patients.”
MedConfidential told Digital Health News that government control of SPR data risks giving politicians greater influence over how medical records are used.
Sam Smith, policy lead at medConfidential, said: “Mr [Wes] Streeting thinks he should be the data controller of every patient’s entire medical history – taking control away from registered medical professionals, as well as from patients themselves, if his new single Palantir record ignores opt-outs and past promises.
“If Wes gets his way, it won’t be GPs who determine how data in the SPR gets used.
“Instead, the confidential relationship between doctor and patient will be broken, and the politicians of the day will decide – because the SPR under political control will contain all the notes of every appointment made by a GP, alongside the recordings of appointments in the proposed Neighbourhood Health Centres with mandatory ambient scribing.”
Speaking in November 205, Ming Tang, interim chief digital and information officer at NHSE, said that the SPR will connect existing systems, such as electronic patient records and shared care records, rather than create a “massive new platform or a huge data lake”.
Meanwhile, the government has granted approval for UK Biobank, Genomics England and Our Future Health to access coded GP patient data for research purposes, with NHSE responsible and legally liable for the data.
Digital Health News contacted NHSE and DHSC for comment.
