We are committed to safeguarding the privacy of our patients either online or in the practice; this policy/notice sets out how we will treat your personal information.
PRIVACY NOTICE FOR PATIENTS
KEEPING YOUR RECORDS SAFELY
This practice complies with the Data Protection Act (1998) and General Data Protection Regulation (GDPR) 2018. This means that we will ensure that your information is processed fairly and lawfully.
WHAT PERSONAL DATA DO WE NEED TO HOLD?
In order to provide you with a high stanndard of dental care and attention, we need to hold personal information about you. This personal data comprises:
WHY DO WE HOLD INFORMATION ABOUT YOU?
We need to keep comprehensive and accurate personal data about our patients in order to provide them with safe and appropriate orthodontic care. We also need to process personal data about you in order to provide care under NHS arrangements and to ensure the proper management and administration of the NHS.
HOW WE PROCESS THE DATA
We will process personal data that we hold about you in the following way:
We are required to retain your dental records, X- rays and study models while you are a patient of this practice and after you cease to be a patient, for at least eleven years or until age 25, whichever is the longer.
Security of information
Personal data about you is held in the practice’s closed computer system and in a secure manual filing system. The information is not available to the public and the information is only accessible to authorised personnel. Your personal information is carefully protected by the staff at this practice. All access to information is held securely and can only be accessed by regularly changed passwords. Data is encrypted and computer terminals are closed if unattended. Our computer system has secure audit trails and we back up information routinely.
Personal information will not be removed from this practice without the patient’s authorised consent, any lab work sent away only has an ID number and surname to avoid personal identification.
DISCLOSURE OF INFORMATION
In order to provide proper and safe dental care, we may need to disclose personal information about you to:
Your general medical practitioner. The hospital or community dental services.
Other health professionals caring for you. NHS payment authorities.
The Inland Revenue. Private dental schemes of which you are member.
Disclosure will take place on a “need to know” basis, so that only those individuals/organisations who need to know in order to provide care to you and for the proper administration of government (whose personnel are covered by strict confidentiality rules) will be given the information. Only that information that the recipient needs to know will be disclosed.
Patients over 14 have the option to list which family members/ other person we can share data with e.g appointments or treatment/medical history.
In very limited circumstances or when recquired by law or a court order, personal data may have to be disclosed to a third party not connected with your health care. In all other situations, disclosure that is not covered by this Code of Practice will only occur when we have your specific consent.Where possible, you will be informed of these requests for disclosure.
Your Rights to Access
You have the right to:
How long is the Personal Data stored for?
What if you are not happy or wish to raise a concern about our data processing?
You can complain in the first instance to our Data Controller -Dr Kornel Csongrady ,our Governance Lead – June Schofield or our DPO Ametros Group email: DPO@ametrosgroup.com Tel. 0330 223 2246
We will do our best to resolve the matter. If this fails, you can complain to the Information Commissioner at www.ico.org.uk/concerns or by calling 0303 123 1113.
Principles of Confidentiality
This practice has adopted the following principles of confidentiality:
Personal information about a patient:
treatment without that information (the need-to-know concept),and
except in certain specific circumstances described in this policy.
Disclosures to third parties:
There are certain restricted circumstances in which a dentist may decide to disclose information
to a third party or may be required to disclose by law.
Responsibility for disclosure rests with the patient’s dentist and under no circumstances can any other member of staff make a decision to disclose.
A brief summary is found below.
When disclosure is in the public interest
There are certain circumstances where the wider public interest outweighs the rights of the patient to confidentiality. This might include cases where disclosure would prevent a serious future risk to the public or assist in the prevention or prosecution of serious crime.
When disclosure can be made
There are circumstances when personal information can be disclosed:
Disclosure of information necessary in order to provide care and for the functioning of the NHS
Information may need to be disclosed to third party organisations to ensure the provision of care and the proper functioning of the NHS. In practical terms this type of disclosure means:
General Dental Council
All staff must follow the General Dental Council’s rules for maintaining patient confidentiality contained in Standards for dental professionals and Principles of patient confidentiality.
If confidentiality is breached, each registered dental professional involved is responsible to the Council for their individual conduct.
Despite careful checking, we assume no liability for the content of external links. The content of linked pages is the exclusive responsibility of their operators.
This website contains links to other website or social media sites. By clicking on a link that leads to third-party website you acknowledge that these websites have their own privacy policies. Please check the privacy policies when using these website, as we assume no responsibility or liability whatsoever for third-party website.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies can be used by web servers to identity and track users as they navigate different pages on a website, and to identify users returning to a website.
Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies on this website
Google Analytics (by third parties):
This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). The use includes the “Universal Analytics” operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user’s activities across devices.
Cookies do not contain any information that personally identifies you, but we may use the information we obtain from your use of our cookies for the following purposes:
(1) to recognise your computer when you visit our website;
(2) to improve the website’s usability;
(3) to analyse the use of our website;
(4) in the administration of this website.
Third party cookies
When you use our website, you may also be sent third party cookies. Our service providers may send you cookies. They may use the information they obtain from your use of their cookies.
Blocking / Deleting cookies
Most browsers allow you to refuse to accept cookies. Blocking all cookies will, however, have a negative impact upon the usability of many websites.