It is vital that patients are in control of their data and are fully aware of how it is being processed. Patients at the moment are often ignorant of the fact their personal and clinical data is processed for all sorts of purposes not directly related to providing them with health or medical care. It often comes as a surprise for patients to discover their (identifiable and also anonymised) data is accessible to researchers, auditors and others. No-one should have access to patient data without the patient (or the person acting for them legally) giving informed consent first.
We need to preserve trust between patients and their GP or other health professionals. If personal and clinical data is processed without patient knowledge or even against patient wishes then the whole system of confidentiality is lost including trust. Without trust the healthcare system breaks down – patients who cannot trust their health professionals do not seek treatment or delay seeking treatment, patients who are concerned about confidentiality or lack of trust may not be open with their GP and others and therefore the potential success of any diagnosis or treatment is put at risk. And this ultimately is not good for the patient (or those providing treatment).
Providing patients with regular information about what they have consented to regarding processing of their data ensures that they are kept fully informed and they can review and update their consent choices if they wish.