First concern is security. Before something like this is rolled out, it would be thoroughly penetration tested and hack tested. Yes, hospitals do routinely employ intrusion experts to test network security and to highlight any risks. The national system is likewise secured and tested to make it as safe as is possible.
So, some script kiddy or drive-by hacker isn't going to get in easily. A professional hacker might get in, but it won't be easy, and they may well get detected. Even then, getting the data out is... well, let's just say 'normalised databases' and leave it at that. Oh, sorry, BIG normalised databases, okay? Not something you can download in a few minutes (or a few hours), anyway.
So, hacking the portal itself (yes, this web access has been referred to as a Patient Portal - it's not a new idea): That's where the attention is, and the risk of hacking is to individual patient records, not to all patients. Someone might get in to see your record, but that person is probably known to you and will get in via your password/token/whatever. Celebrities would be targeted, but that's where the testing comes in: How easy is it to guess their account/password/token/whatever.
So yes, there is a risk. Yes, hacking attempts are inevitable. No, that does not mean it will be easy, nor does it mean it will be successful. If it were, then banks would be a far better target for hackers than medical records...