Patient Access – updating your details – keep your data safe!

Patient Access is a useful online tool (also available as a phone App). It allows you  to go on-line and book an appointment, request a repeat prescription or to access some of your personal information. (If you want to register for it, see the link on the home page).

Your GP surgery will never send you a message asking you to click on a link to update your details. If in doubt, visit your registered surgery or contact them using trusted contact information.

Be aware that ‘phishing’ emails have been received by some patients. These emails claim to be from local GP practices and state that access to online GP services has been changed and that patients should log on to their account and update their information.

Please be vigilant, and report any such ‘phishing’ emails. Do not click on any links or open any attachments unless you are absolutely certain that a message is genuine. If you do click on any unverified links or attachments you may allow criminals to access your information and/or to corrupt your computer.

Ways to check that a message/request may not be from the true source it claims to be:

  • Check the email address. Is it the same as the email address you usually receive emails from, or just similar?
  • Check the email subject line. Be suspicious of “There is a secure message waiting for you”, “Security Alert”, “System Upgrade” or similar.
  • Check the message is personalised with information like your name, your postcode or part of your account number. If it isn’t personalised at all then you should be suspicious. Sometimes the message will contain someone else’s name.
  • Beware of a prompt to click on a hyperlink or a button, or to download a file – something like “Verify your account or password” or “update your security details”. These will likely take you to a copycat website where you will be prompted to enter your full details.
  • Be suspicious of any message that creates a sense of urgency, such as “If you don’t respond within 48 hours, your account will be closed”. A legitimate company will not create a false sense of urgency.

Never respond to any suspicious emails and don’t click on any links or attachments within them.

Phishing emails should be reported to: