Data watchdogs are to investigate claims that Britain's leading life insurers are being given full access to GP records.
The Information Commissioner will look into concerns that insurers are routinely accessing medical records, including details about contraception, mental health and relationships, without customer consent.
Data protection rules state that insurers are supposed to have permission from patients before asking for relevant health information from their doctors.
But companies are believed to be increasingly in breach of data protection rules, with doctors' groups claiming they are using such consent to seek full disclosure of records, the Daily Telegraph said.
Insurers Aviva and Legal & General said that for the past 12 months they had sought full medical records for their clients, but insisted they disregarded any details which were not directly relevant to their assessments.
Although blanket requests were made, GPs had been instructed to withhold certain types on information, such as whether patients had tested negative for HIV. If the details were disclosed, they would be ignored, said the firms.
The Information Commissioner said it was aware of the matter and would investigate whether companies were working within current legal safeguards.
The Medical Protection Society, which represents 290,000 medical professionals, said it discovered a sharp rise in concerns about data requests by insurers, with about 2,300 calls from doctors over the past year on the subject.
John Canning of the British Medical Association said the revelation was of "grave concern" and warned that many customers may be providing consent without realising how much information might be released.
He told the Telegraph: "A GP will hold all your medical history, containing details such as contraception use, termination of pregnancies and relationship issues that would have no bearing on an insurance policy.
"Our concern is that the consent obtained by insurers isn't always understood by the person applying for a policy."