Inverleith Dentalcare treats the privacy of its patients very seriously and we take appropriate security measures to safeguard your privacy. This Notice explains how we protect and manage any personal data* you share with us and that we hold about you, including how we collect, process and share that data.
*Personal data means any information that may be used to identify an individual, including, but not limited to, a first and last name, a home or other physical address and an email address or other contact information, whether at work or at home.
We will keep your records safely. This Practice complies with the Data Protection Act (1998) and general Data Protection Regulation (GDPR) 2018. This means that we will ensure that your information is processed fairly and lawfully.
Why does the Practice Hold Personal information about you? We need to keep comprehensive and accurate personal data about our patients in order to provide them with safe and appropriate dental care. We also need to process personal data about patients in order to provide some care under NHS arrangements and to ensure the proper management and administration of the NHS.
What personal information do we need to hold?
- Personal information and contact details, including your name, date of birth, address, telephone number and email address
- Dental, social and medical histories (e.g. past or current medical conditions, current medication, the name of your GP)
- Results of the examination of your mouth and oral health, including x-rays, clinical photographs and study models
- Information about appointments
- Any treatments and their costs
- Any proposed care, including advice we give you and referrals you might need
- Any concerns you or your dental team might have
- Details of your consent for specific procedures
- Correspondence with other healthcare workers that relates to your care
Why do we hold this information? We need to keep accurate personal data about patients in order to provide you with safe & appropriate dental care. We also need to process personal data about you if we are referring you to NHS hospitals and to ensure the proper management and administration of the NHS.
Retaining information. We are required to retain your dental records, x-rays and study models while you are a patient of this practice and after you cease to be a patient, for at least 10 years or until age 25, whichever is longer.
Security. Personal data about patients is held on a secured practice computer system. The information is not accessible to the public and only authorised members of staff have access to it. Our computer system is managed by a professional IT company, password protected, has secure audit trails and we take off-site back-ups on a daily basis. Our processes are audited regularly to ensure compliance with this policy.
Personal information will not be removed from this practice without the patient’s authorised consent.
Your Personal information is carefully protected by the staff at this practice. All access to information is held securely and can only be accessed by regularly changed passwords. Data is encrypted and computer terminals are closed if unattended.
Sharing information. Why we may need to disclose your information. In order to provide proper and safe care to:
- Another dentist or health professional who is caring for you
- Your GP
- A laboratory
- NHS payment authorities
- The Inland Revenue
- The Benefits Agency, if you are claiming exemption or remission from NHS charges
- A private dental scheme, if you are a member
Disclosure will take place on a ‘need to know’ basis, so that only those individuals/organisations who need to know in order to provide care to you and the proper administration of Government (whose personnel are covered by strict confidentiality rules) will be given the information.
Only information that the recipient needs to know will be disclosed.
In very limited circumstances or when required by law or a court order, personal data may have to be disclosed to a third party not connected with your health care.
In all other situations, disclosure that is not covered by this code of practice will only occur when we have your specific consent.
Where possible you will be informed of these requests for disclosure.
Your right to view your clinical records. You have the right to apply for access to the information we hold about you, whether it is stored electronically or on paper. We have a duty to provide this information in a format that is accessible to you (e.g. large print or Braille) and in a way that you can understand, explaining any abbreviations where necessary.
Where you agree, this access right may be met by enabling you to view the record without obtaining a copy.
In certain circumstances your right to see some details in your health records may be limited in your own interest or for other reasons.
After having viewed your records, if you believe any information is inaccurate or incorrect, please inform us of this in writing.
Confidentiality. You have the right to confidentiality. We also comply with the NHS Code of Practice on Confidentiality and dental healthcare personnel have a requirement under their professional code of ethics to keep records about you confidential and accurate.
All our staff contracts of employment contain a requirement to keep patient information confidential.
Third Party Relationships: We may disclose or use your personal information when we, in good faith, believe that either the law requires us to do so or such action is necessary to protect or defend Integrated Dentalcare Limited rights or property.