Search loading...


Explore and Make use of Nationally Defined Messaging APIs


Access Controls

Overview of the access controls for NRL pointers


Access to NRL records is determined by Record Groups, where a Record Group contains one or more Record Types. Access to each Record Group is controlled by Role Based Access Control (RBAC) codes from the National RBAC Database and administered by an RA Managers within Trusts.

For each Record Group there are two RBAC codes:

  1. The first RBAC code will allow a user to view pointers only (for all the Record Types in that Record Group)

  2. The second RBAC code will allow a user to view pointers and retrieve records (for all the Record Types in that Record Group)

The two RBAC codes support the needs of different roles. For example, many clerical roles may only need to view pointers whereas most clinical roles will need to view pointers and retrieve records. This model of access is illustrated in the diagram beneath where each box represents a separate RBAC code.

A user may have access to one or more Record Groups depending on the information needs of their role n.b. there is currently only one Record Group but this is expected to change as more Record Types are added to the NRL. To work out which RBAC codes should be applied to a user, refer to the RBAC Mapping Table beneath. A user should only have one RBAC code for each Record Group assigned to them by their Trust’s RA Manager.

RBAC Mapping Table

This table outlines which records an RBAC code gives access to and whether it provides pointer only access or pointer and record access.

Record Group Record Types Contained Access Level RBAC Code
Record Group 1 Mental health crisis plan Pointer only access B0268
Pointer and record access B0269

The RBAC codes listed in the mapping table above are limited by the number of Record Types currently available on the NRL. As additional Record Types are added to the NRL the associated RBAC codes will be added to this table.

The Record Group that a Record Type fits into depends on its sensitivity. Record group 1, is a general grouping, to contain the majority of Record Types that are not deemed to be sensitive. Further Record Groups will be added if additional Record Types are deemed to need more restrictive controls. Using additional Record Groups for such Record Types ensures that they are protected by further access controls and will not routinely be available to the majority of NRL users.


  • Record Type: The clinical type of a record as defined by SNOMED CT code. The clinical types permitted on the NRL are defined by a controlled list.
  • Record Group: A grouping that contains one or more Record Types.

All content is available under the Open Government Licence v3.0, except where otherwise stated