Purpose
To meet strategic objectives to improve access to GP care, this API enables patients (through a consumer application, such as the NHS App) to view and manage their permissions to their medical record and a selection of services provided at their GP practice. The permissions and access a patient can have is defined, set, maintained and controlled by the GP practice through their GP supplier system.
The API, specifically when getting a patient's permissions, also performs the function of enabling a patient's online access and setting their default permissions, should they not already have online access enabled. This is detailed in New online patient access.
Example scenarios
A patient can:
- view their permissions
- request to update their permissions to a higher level
A patient cannot:
- request to update their permissions to a lower level
API definition
The API covers permission management for:
- appointments
- prescriptions
- medical record
The following individual API calls are used by consumers to implement this API: