Developed in conjunction with Ext-Joom.com

Privacy Notice for Smilecare Dental Clinic

for Patient Data

This Privacy Notice is a shortened form of our Privacy Policy and any patient who wishes to have a copy of our full Policy should ask Rachel Mantle

Smilecare Dental Clinic takes great care to protect the personal data we hold for you in line with the requirements of the General Data Protection Regulation (GDPR).

The purpose of collecting and storing personal data about you is to ensure we can:

  • Provide, appropriate, safe and effective dental care, treatment and advice for you

  • Fulfil any contracts we hold in relation to your care

  • For the administration of your care.

Personal data held for our patients

The personal data we process (processing includes obtaining the information, using it, storing it, securing it, disclosing it, and destroying it) for you includes:

  • Name, address, date of birth. This is for patient identification.

  • Next of kin. Only if it is offered by the patient.

  • Email address. If offered and only for appointment or treatment planning.

  • Phone number(s). Required.

  • GP contact details. Needed for referrals to NHS hospitals eg for wisdom tooth removal.

  • Medical history. For the safe treatment of the patient.

  • Dental care records. For the safe and effective treatment of the patient.

  • Photographs. To assist the patient and their dentist to monitor oral health care.

  • Family group. If offered by the patient.

  • Payment plan details. All payments recorded for reconciliation only.

  • Financial information. Limited information is kept to assist in reconciliation.

  • Credit cards receipts. Kept in a locked safe and shredded after 1 year.

  • Correspondence. With the patient and any specialist referral centre to allow continuity of care.

  • Details of any complaints received. Kept in patient records unless they prefer to remain anonymous. An anonymous electronic record is kept for training to improve our service

We keep an inventory of personal data we hold on our patients and this is available on request.

Disclosure to third parties

The information we collect, and store will not be disclosed to anyone who does not need to see it.

We will share your personal information with third parties when required by law or to enable us to deliver a service to you or where we have another legitimate reason for doing so. Third parties we may share your personal information with may include:

  • Regulatory authorities such as the General Dental Council or the Care Quality Commission

  • NHS Local Authorities

  • Dental payment plan administrators

  • Insurance companies

  • Loss assessors

  • Fraud prevention agencies

  • In the event of a possible sale of the practice at some time in the future.

We may also share personal information where we consider it to be in a patient’s best interest or if we have reason to believe an individual may be at risk of harm or abuse.

Personal privacy rights

Under the General Data Protection Regulation (GDPR) you have the following personal privacy rights in relation to the information we hold about you.

You have a right to:

  • Access to and copies of your records.

  • Have inaccuracies deleted.

  • Have information about you erased. This should be seen in light of the need to keep records about your dental care in case you have any problems in the future.

  • Object to direct marketing.

  • Restrict the processing of your information, including automated decision-making.

  • Take your data to another dental practice or anywhere else.

Patients who wish to have inaccuracies deleted or to have information erased must speak to the dentist who provided or provides their care.

Legal basis for processing data held about patients

The GDPR requires us to state the legal basis upon which we process all personal data for our patients and it requires us to inform you of the legal basis on which we process your personal data.

The legal basis on which we process personal information for our patients is in accordance with the dental professionals regulatory bodies: The General Dental Council www.standards.gdc-uk.org, and the Care Quality Commission www.cqc.org.uk/dental-care-records.

Automated decision making

What is automated decision making? It is a process whereby you are asked to opt in once to certain processes, these processes will vary from one dental clinic to another, as some dental clinics want to send marketing information to their patients. At Smilecare Dental Clinic we DO NOT send any marketing information, we will only send appointment reminders and relevant information about recommended treatments.

At Smilecare Dental Clinic, we have the following processes when you register that are part of automated decision making:

  1. How you would like to be reminded about the recommended frequency of dental appointments, such as routine check up and dental hygiene care. You can select on your registration forms to be reminded by text, email and or postal reminder. It is our duty of care to remind you of preventative care frequency, it is also your right to request no appointment reminders.

  2. Retaining up to date and accurate dental records. At the point of registering we will create a dental record and ensure it is kept up to date and secure. We have a legal duty to retain dental records for a minimum of 11 years or up to the age of 25 years. You have the right to request that we delete your dental records, in which case we will need to consult with the dental regulatory body: The General Dental Council.

Non Automated decision making, i.e. Specific Patient Informed Consent

For all other processes at Smilecare we will always obtain specific informed consent:

  1. Any recommended treatment, this will be verbally explained by the dentist and then written information will be provided and further discussions if necessary until the patient is fully informed about any options, likely success rates and costs.

  2. Sharing patient information with a specialist or hospital for specialist care, patients will need to specifically consent to the information being provided.

Complaints

You have a right to complain about how we process your personal data. All complaints concerning personal data should be made in person or in writing to David Mantle. All complaints will be dealt with in line with the practice complaints policy and procedures.

Transferring personal data outside the EU

All patient information is backed up within the practice to a separate drive, in case of fire a second copy is backed up to a company called Carbonite Inc, 2 Avenue de la Lafayette, Boston MA 02111. They are governed by the laws of the Commonwealth of Massachsetts and/or Federal Law. In accordance with European Laws, all data will be held under the EU-US and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce. Carbonite complies with all of the Privacy Shield Principles and if there is any conflict between the terms of privacy policies, then the EU-US and Swiss Privacy Shield Principles shall govern.

This Privacy Notice was reviewed and implemented on: 30/04/2018

It will be reviewed annually and is due for review in November 2018 or prior to this date in accordance with new guidance or legislative changes.

Document Change Record

For

EU General Data Protection Regulation (GDPR)

Privacy Notice for Patient Data

The table below is used to register all changes to the policy:

Published Date

Document Version Number

Pages affected

Description of revision

Author

         
         
         
         
         
         
         

cookie policy

our website uses cookies and similar technologies to help make this website better Read More

happy to accept?

 

Cookie Policy

Our Cookies Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies and further

How we use cookies

A cookie is a small file which, with your permission, will be placed on your computer's hard drive. Cookies allow websites to respond to you as an individual. Thanks to cookies, web sites can tailor their operation to your needs, likes and dislikes by gathering and remembering information about your preferences.

For example, we use cookies to identify which pages are being used most frequently. This helps us analyse data about how you are using our website so we can improve it in order to meet your needs better. We only use this information for statistical analysis purposes and no data is held which links to you as a person.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

For the full disclosure section, including all types of cookies, please click here.

Blocking cookies | Deleting cookies | Cookie preferences

You can manage your preferences relating to the use of cookies on our website by visiting:
Google Chrome
Internet explorer 8, 9 and 10
Mozilla Firefox
Safari

More information about cookies

If you would like more information regarding Cookies please visit the below site: ICO (Information Commissioner’s Office) - https://ico.org.uk/for-the-public/online/cookies/