Skip to main content

Part of DAPB3051 Identity Verification and Authentication Standard for Health and Care, Authorisation Use Case: Proxy

4.1.3 Establish whether access is safe

Previous Chapter

4.1.2 Establish whether access is relevant

Current Chapter

Current chapter – 4.1.3 Establish whether access is safe

View all

Next Chapter

4.2 Establish a basis for access

Clinical professionals and staff must check for known safeguarding concerns to minimise the risk of patient harm from proxy access. They can achieve this by doing the following. 

Check the patient's medical record 

Clinical professionals and staff must check for relevant safeguarding concerns within the patient's medical record before granting access.  

This safeguarding check will inform what information, if any, must be redacted if proxy access is granted.  

The presence of anything other than trivial levels of redaction within a patient's record must trigger careful consideration of whether proxy access is in fact safe for the patient. 

Check the proxy's medical record 

Clinical professionals and staff must check the record of the proxy to identify known safeguarding concerns related to the proxy, where access to the proxy's record is possible. 

Check authoritative sources 

Clinical professionals and staff can also check an authoritative source of safeguarding information to establish safeguarding concerns about the patient or proxy.  

For example, Child Protection Information Sharing (CP-IS), a national service, should be used to check if a child is on a child protection plan as part of deciding on proxy access.  

Clinical professionals and staff are also encouraged to seek the support of colleagues, for example safeguarding leads, and statutory agencies, if needed. 

Consider coercion 

Clinical professionals and staff must consider the risk that a patient is being coerced into consenting to proxy access. Patients are particularly vulnerable if they have limitations in their ability to communicate.  

Clinical decision support 

Clinical systems should support clinical professionals and staff at the point of granting proxy access by surfacing sensitive information within the patient's and proxy's medical record, for example the presence of safeguarding flags within the patient or proxy's record.  

Effective decision support at this stage enables an informed consideration of whether proxy access is safe and appropriate, particularly where patients and proxies have complex medical records with many entries. 

If safeguarding concerns are identified 

Where safeguarding concerns are identified, the clinical professional must ultimately decide whether to grant or deny proxy access. 

Proxy access must not prevent or inhibit the recording of safeguarding concerns or suspicions about coercion, abuse, and/or neglect in the patient's medical record.  

Safeguarding action to protect the patient from harm must be taken in line with local and national safeguarding policy.  

Last edited: 6 May 2026 1:57 pm

Previous Chapter

4.1.2 Establish whether access is relevant

Next Chapter

4.2 Establish a basis for access

Chapters

  1. DAPB3051 Identity Verification and Authentication Standard for Health and Care, Authorisation Use Case: Proxy
  2. Glossary
  3. Use of the terms "must" and "should" in this guidance
  4. 1.0 Overview
  5. 1.1 Purpose of this standard
  6. 1.2 Who this standard applies to
  7. 1.3 What this standard does not cover
  8. 1.4 Compatibility with other standards and guidelines
  9. 2.1 Types of proxy access: formal and informal proxy access
  10. 2.2 Types of proxy access: Records access by a clinical professional
  11. 3.0 Roles and responsibilities
  12. 4.0 Grant proxy access
  13. 4.1 Assess if access is appropriate
  14. 4.1.1 Establish whether access is necessary
  15. 4.1.2 Establish whether access is relevant
  16. 4.1.3 Establish whether access is safe
  17. 4.2 Establish a basis for access
  18. 4.3 Check evidence relevant to the basis for access
  19. 4.3.1 Verify the proxy and patient’s identity
  20. 4.3.2 Understand if the patient has the ability to consent
  21. 4.3.3 Obtain the patient’s informed consent to proxy access, if appropriate
  22. 4.3.4 Verify evidence of a basis for access if the patient cannot consent
  23. 4.4 Redact sensitive information based on what is being shared
  24. 4.5 Audit decisions about proxy access
  25. 4.6 Communicate the outcome of a decision to grant or deny proxy access
  26. 5.0 The scope of proxy access
  27. 6.0 System audit of proxy access
  28. 7.0 Managing proxy access
  29. 7.1 Ongoing reviews of proxy access
  30. 7.2 Age and development based reviews of access
  31. 7.3 Time-bound reviews of access
  32. 7.4 Wider events that materially affect proxy access
  33. Appendix A: Ways to evidence a basis for access if the patient is not capable of providing informed consent
  34. Appendix B: Driver diagram articulating the strategic aims of this information standard