From today (Friday 1 May), GP practices across England are being urged by the BMA to take part in collective action. This follows insufficient assurances from the Government regarding widespread concern over the national 2026/27 contract that was imposed last month, rejected by 99% of almost 17,000 BMA GP members in March’s referendum. This result led the BMA’s GP committee into government negotiations over recent weeks on the back of unprecedented daily pressures practices are facing.

Whilst discussions showed progress - providing some required assurances and safeguards around how GPs may refer patients onward for specialist care - the key priority of how GPs fulfil their contract when faced with unlimited same-day urgent care demand outstripping practice capacity remains a profound concern.

For collective action, the BMA is recommending practices focus on the sharing of GP patient data outside practices, in the form of practice data sharing agreements (DSAs). The proposed action for practices to take collectively is lawful and likely to be welcomed by patient groups keen for greater transparency of data sharing in light of developments with third party organisations such as Palantir and widely reported data security breaches across organisations such as UKBiobank.

The BMA foresees the action impacting the wider NHS-Government agenda which is increasingly seeing a ‘left shift’ of work from hospitals into practices, without any commensurate resource to meet the challenge.

Collective action will not advise or instruct any practices to breach their contract or obligations as part of their 2026/27 arrangements. However, unless the Government can deliver greater flexibility to reassure the profession, the BMA may escalate by introducing further actions in future months.

BMA GPs committee chair (GPC), Dr Katie Bramall said:  

“Practices are working in crisis-level environments, where every day feels ‘exceptional’ in terms of unlimited demand outstripping our available workforce and premises space. The imposed contract is an impossibility for too many, and the subsequent rationing of care for our patients is unreasonable and feels unsafe.

“As GPs, we take our responsibilities for the data we hold about our patients very seriously. The confidentiality of this information, and how it is used, must be appropriate and not undermined by the reputational impact of organisations whose values may not align with the NHS or the profession. 

"This action will not affect patient care, but we hope it will bring us closer to finding a solution that protects GPs and delivers the care our patients and communities deserve.”

Ends

Notes to editors

Collective action: Data sharing agreements: Under data protection laws, GPs who run their own practices are the ‘data controller’, which means they are effectively the legal guardian of all patient data in the GP medical record. GP contract holders therefore are both legally liable for and determine the purposes of processing their patients’ personal data and the means of processing the data. 
 
Patient data can be accessed by the patient (the ‘data subject’), or other health and social care providers involved in a patient’s direct care. Patient data held within GP IT systems has the software supplier themselves acting as the ‘data processor’, a position that makes the system supplier accountable to act on the instructions of the data controller - the GP contract holder(s).  
 
The information collected about a patient can also be used for and shared with other organisations for purposes beyond their individual direct care. This is known as data processing for Secondary (Indirect) Care Purposes. This is the information we urge practices to stop sharing.  
 

Action for practices: 

1. A template letter for practices to send to their local NHS system information to respond with the required information to its constituent practices regarding DSAs.
2. Practices to cease any new potential sign-up to voluntary DSAs.
3. Many existing DSAs may be unlawfully extracting GP patient data for secondary uses, i.e. medical research conducted by charities, commercial third parties, universities, or health service planning carried out by government agencies or local NHS organisations. Data used in this way is deemed non-essential for the direct care of patients and therefore carries no inherent and immediate risk to patient safety if data-sharing is then revoked.
4. Practices take steps with their LMCs to use this opportunity to review and assess each existing DSA the practice may currently be signed up to, and determine those where they may wish to cease data sharing.
5. Practices encouraged to engage and discuss this action with their Patient Participation Groups (PPGs).

The BMA is a professional association and trade union representing and negotiating on behalf of all doctors in the UK. A leading voice advocating for outstanding health care and a healthy population. An association providing members with excellent individual services and support throughout their lives.  

For media enquiries please email [email protected] or call 020 7383 6448