Skip to main content

Part of DAPB3051 Identity Verification and Authentication Standard for Health and Care, Authorisation Use Case: Proxy

4.2 Establish a basis for access

Previous Chapter

4.1.3 Establish whether access is safe

Current Chapter

Current chapter – 4.2 Establish a basis for access

View all

Next Chapter

4.3 Check evidence relevant to the basis for access

For simplicity of implementation, this standard defines the following bases for proxy access. 

Patient is under 16

Clinical professionals must assess the child’s Gillick competence to consent to proxy access.  

Parental responsibility 

Where a child is deemed to not be Gillick competent in relation to proxy access, clinical professionals can grant proxy access to the child's parents on the basis of parental responsibility. 

Guardians and carers who are not the child’s parents 

Where a child is deemed to not be Gillick competent in relation to proxy access, clinical professionals can make a decision in the child's best interests to grant proxy access to someone who is not the child's parent, provided any appropriate consultation with those with parental responsibility has occurred. 

The child's consent 

If assessed as Gillick competent in relation to proxy access, a child must provide informed consent to proxy access as per section 4.3. Refer to proxy access: advice and guidance for further detail on when consent is likely to be a relevant basis for proxy access.   

Where there are digital services available for the child to access, clinical professionals and staff should promote self-access above proxy access, where appropriate.  

All decisions about granting proxy access must be made in the child's best interests. 

Patient is 16 or over

Clinical professionals should always consider the patient's capacity, but may presume capacity to consent to proxy access unless they have evidence to the contrary, as per the Mental Capacity Act (2005).  

Where the patient has capacity, self-access should be promoted above proxy access. 

Where the patient has a temporary less of capacity, an end date should be set in line with when they may regain capacity. 

The patient’s consent 

If the patient has capacity at the point of deciding on proxy access, clinical professionals must get the patient’s informed consent before granting access as per section 4.3.3

Health and welfare power of attorney 

If the patient does not have capacity at the point of deciding on proxy access and is aged 18 or over, clinical professionals can rely on a valid and applicable lasting power of attorney (LPA) being in place to grant proxy access to a health and welfare attorney. 

Court-appointed personal welfare deputy 

If the patient does not have capacity at the point of deciding on proxy access and is aged 18 or over, clinical professionals can rely on a court order being in place naming someone as the patient’s personal welfare deputy.  

Note: Being a health and welfare attorney or personal welfare deputy does not automatically give someone the right to be a proxy. A patient must lack capacity for the LPA or deputyship to be treated as valid and applicable. It may be necessary for the clinical professional to undertake a capacity assessment. 

Carers without power of attorney or deputyship 

If the patient does not have capacity at the point of deciding on proxy access, clinical professionals may make a decision in the patient's best interests to grant proxy access to an appropriate proxy who does not have power of attorney or deputyship. 

All decisions about granting proxy access must be made in the patient's best interests. 

Last edited: 6 May 2026 1:57 pm

Previous Chapter

4.1.3 Establish whether access is safe

Next Chapter

4.3 Check evidence relevant to the basis for access

Chapters

  1. DAPB3051 Identity Verification and Authentication Standard for Health and Care, Authorisation Use Case: Proxy
  2. Glossary
  3. Use of the terms "must" and "should" in this guidance
  4. 1.0 Overview
  5. 1.1 Purpose of this standard
  6. 1.2 Who this standard applies to
  7. 1.3 What this standard does not cover
  8. 1.4 Compatibility with other standards and guidelines
  9. 2.1 Types of proxy access: formal and informal proxy access
  10. 2.2 Types of proxy access: Records access by a clinical professional
  11. 3.0 Roles and responsibilities
  12. 4.0 Grant proxy access
  13. 4.1 Assess if access is appropriate
  14. 4.1.1 Establish whether access is necessary
  15. 4.1.2 Establish whether access is relevant
  16. 4.1.3 Establish whether access is safe
  17. 4.2 Establish a basis for access
  18. 4.3 Check evidence relevant to the basis for access
  19. 4.3.1 Verify the proxy and patient’s identity
  20. 4.3.2 Understand if the patient has the ability to consent
  21. 4.3.3 Obtain the patient’s informed consent to proxy access, if appropriate
  22. 4.3.4 Verify evidence of a basis for access if the patient cannot consent
  23. 4.4 Redact sensitive information based on what is being shared
  24. 4.5 Audit decisions about proxy access
  25. 4.6 Communicate the outcome of a decision to grant or deny proxy access
  26. 5.0 The scope of proxy access
  27. 6.0 System audit of proxy access
  28. 7.0 Managing proxy access
  29. 7.1 Ongoing reviews of proxy access
  30. 7.2 Age and development based reviews of access
  31. 7.3 Time-bound reviews of access
  32. 7.4 Wider events that materially affect proxy access
  33. Appendix A: Ways to evidence a basis for access if the patient is not capable of providing informed consent
  34. Appendix B: Driver diagram articulating the strategic aims of this information standard