Skip to main content

General Practice Extraction Service - MESH

Send anonymised or patient-identifiable data from GP clinical systems to the General Practice Extraction Service (GPES) for planning and research.


GP system
GP system
General Practice Extraction
General Practice E...
4. receive patient data
4. receive patient data...
1. send request for
patient data
1. send request for...
3. send patient data
3. send patient data...
2. receive request for
patient data
2. receive request for...
Text is not SVG - cannot display GPES requests patient data from GP systems over MESH and receives it over MESH


Use this integration to send patient data from General Practice (GP) clinical systems to General Practice Extraction Service (GPES). This data can then be used for planning and research. 

You can:

  • receive requests for data
  • send requested data

For example, the GPES data for pandemic planning and research is used to support the response to the coronavirus (COVID-19) outbreak. This data is used to analyse healthcare information about patients, for the duration of the coronavirus emergency period.

This integration is an asynchronous messaging integration which uses MESH to send and receive messages.

Who can use this

This integration can only be used where there is a legal basis to do so. Make sure you have a valid use case before you go too far with your development.

You must do this before you can go live (see ‘Onboarding’ below).


This integration is in production.

Service level

This integration uses MESH which is a silver service, meaning it is operation 24 hours a day, 365 days a year but only supported during business hours (8am to 6pm), Monday to Friday excluding bank holidays.

For more details, see service levels.


Messages are sent and received via MESH.

Message payloads are XML, apart from 'report' messages which are CSV.

Network access

You can access this integration via:

For more details, see Network access for APIs.

Security and authorisation

This integration uses MESH which is an application-restricted API.

The integration does not perform any end user authentication or authorisation checks. Rather, the calling system is expected to perform them. The authorisation rules are specified in our national Role Based Access Control (RBAC) database.

For more details see our national Role Based Access Control (RBAC) database on the registration authorities and smartcards page

Environments and testing

This integration uses MESH.

As a developer, you are most likely to want to connect to MESH using either the MESH client or the MESH API.

For more details about using the MESH client, see MESH client.

For the MESH API, there are several independent, externally accessible instances of MESH you can use for testing. For more details, see MESH API - Environments and testing.


You need to get your software approved by us before it can go live with this integration. We call this onboarding. The onboarding process can sometimes be quite long, so it’s worth planning well ahead.

To onboard for this integration, contact us.


For a list of interactions, see the GPES Interoperability Standard v6.0.1.

This is a Microsoft Word file.  To request a different format please contact us.

Last edited: 15 September 2023 7:50 am