Keep it local
Patient data should be stored in the health authority region it is collected in, which would normally be where the patient lives.
Releasing that data outside of the region should first be reviewed by medical records who can take note of any flags that may have been set.
Two types of data release should be made possible:-
1. An image format. To be used by other authorities who are temporarily caring for you, and is therefore not in a format that can easily be spammed about and misused in some hideous mass data gathering scenario.
2. Full data access. To be used where the patient has moved to another region.
Obviously transmission of both the image and data needs to be heavily encrypted.
No information whatsoever should be stored at a GP surgery, as that's just asking for trouble, instead the surgery has limited access to the regional records over dedicated terminals, and certainly not the laptops they're busily emailing their mates, organising the next pharmaceutical sponsored golfing holiday.
I wonder if anyone steering this thing has even thought to have a chat with the people who have cared so diligently all this time for the medical records in their charge?
From my past experience in medical records, I assume not.