On this page
Medical practitioners in the Netherlands are required to keep records for each patient. These records contain various details, including the patient’s health and the treatment prescribed by the medical practitioner.
What information is included in medical records?
The information medical records should contain depends on the type of treatment and the practitioner’s profession. You include at least the basic data of the care you provide:
- findings of your examination
- test results
- medical scans
- reports and referrals
Citizen service number (BSN)
You are obliged to include the patient’s citizen service number (burgerservicenummer, BSN) in your records and to use this number when exchanging information. Your patients must identify themselves using a valid ID.
Keeping and maintaining medical records
You only file the necessary data in the records and you must maintain the records. You record the permissions your patient has consented to with regard to sharing the information in his or her medical record. You must also log when and by whom records were modified or viewed. You must keep medical records for 20 years.
Sharing medical records
If you have your patient's permission to share their medical information with other healthcare providers, you can register their information for electronic consultation by these care providers. You register your patient's permission in their medical records.
Explaining patients' rights
You must explain to your patient what exactly electronic data exchange means. You must explain how your exchange system works, which healthcare providers you share the data with and why and you must explain what the consequences are. You are also responsible for telling your patients what their rights are, for instance to have their data modified or deleted.
Patient access to records
A patient has the right to view their medical records. This must be possible for free and via internet. Your patient also has the right to receive a free electronic copy of the medical record. Make sure your IT systems are able to digitally exchange medical records with patients via internet in a secure way. The only details the patient may not access are the practitioner’s own notes and any details that may affect the privacy of a third party.
Requirements for language and technology for electronic data exchange in healthcare are being elaborated.
UZI card and AGB code
If you as care provider want to access confidential patient information online, you need an UZI card. You can obtain the UZI card from the Dutch Unique Healthcare Provider Identification Register (UZI-register, in Dutch), for which you will need an AGB code (Algemeen Gegevensbeheer Zorgverleners, the General Database for Care Providers). You can apply for an AGB code at AGBcode.nl (in Dutch). You use the AGB code in the electronic invoicing process between you and your health insurance company. Read more on the UZI register's Certification Practice Statement.