I thought that from the data protection act you had a right to all information that was about you. Every organisation has to has a data protection policy and it should be available for all service users to read. It should state in the policy within what timescale they intend to meet requests for this data. I think it depends on how much information there is and what time they need to organise and send it.. but it should be a number of weeks not years. I could be wrong.. but I don't think so.