A new report suggests the government is considering whether sensitive information about NHS patients should be sent overseas for processing.
GPs have expressed concerns that such a move would create a "risk to confidentiality" - particularly if records are sent to countries with a different culture of data protection.
According to IT magazine Computer Weekly, a leaked internal NHS Connecting for Health document reveals a review is under way into whether patient data could be processed by "approved organisations" abroad.
The NHS Connecting for Health document reads: "Organisations should be aware of a current review into the possibility of NHS patient data being processed overseas by approved organisations.
"The review is considering the requirements for and implications of such possible arrangements."
Dunstable GP Mary Hawking said she was surprised that processing patient data abroad was being considered.
"Surely putting NHS data of any sort in a foreign legal framework involves a risk to confidentiality?" she told Computer Weekly.
But a Department of Health spokeswoman said: "Patient data is not currently sent abroad.
"There is no review, and there are no considerations relating to the National Programme for IT for patient data to be processed abroad in future."