How to request access to your health records
We are committed to protecting your information and making it easy for you to access your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Requesting your records
Across University Hospitals of Liverpool Group, we are introducing a single, secure way of requesting access to your records. From 1 June 2026, we encourage all requests to be submitted through our secure online portal.
Access your records via our secure AMS Portal
The AMS Portal is the fastest and most secure way to request your information.
You can still contact the Trust using alternative methods; however, requests may be redirected to the portal to support efficient and secure processing.
To help us process your request efficiently, you will be asked to provide:
- Your full name and any previous names
- Date of birth
- Address and contact details
- NHS number (if known)
- Details of the information you would like (for example, specific dates or types of records)
- You will also be asked to provide proof of identity to ensure that your information is protected from unauthorised access.
If you are requesting records on behalf of someone else (for example, as a Solicitor or Legal Representative), you must provide:
- Valid consent from the patient, or
- Evidence of your legal authority to act on their behalf.
Step-by-step guidance is available within the AMS portal.
Once we have received your request and verified your identity:
- We will respond without undue delay and within one calendar month
- In some cases (for example, where requests are complex or numerous), this may be extended by up to a further two months. If this applies, we will inform you within the initial timeframe.
- Requests are free of charge in most cases
- A fee may only apply where a request is manifestly unfounded or excessive, or for additional copies. If this applies, you will be informed in advance.
We will provide a copy of your personal data held by the Trust within the scope of your request, which may include:
- Medical and health records
- Clinic letters and reports
- Relevant correspondence.
To protect the confidentiality of others and comply with data protection legislation, there are some circumstances where information may be limited or withheld:
- Information relating to other individuals (third parties) will be reviewed and may be redacted where disclosure would be unlawful or unfair
- Information relating to staff will be considered on a case-by-case basis in line with data protection legislation
- Some information may be withheld where an exemption applies under the Data Protection Act 2018 (for example, where disclosure could cause serious harm to the physical or mental health of any individual).
We are committed to ensuring that your personal information is handled lawfully, fairly and securely in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018.
We have measures in place to protect your information, including:
- Strict role-based access controls to ensure only authorised staff can access your records
- Mandatory data protection and confidentiality training for all staff
- Systems to monitor and audit access to records to detect and prevent unauthorised use.
