In providing your dental care and treatment we will ask for information about you and your health. Occasionally, we may receive information from other providers who have been involved in providing your care.
We are a Data Controller under the terms of the requirements of the EU General Data Protection Regulation (GDPR)
This Privacy Notice explains what Personal Data the practice holds, why we hold and process it, who we might share it with, and your rights and freedoms under the Law.
What information do we collect?
Personal details such as your name, date of birth, national insurance number, NHS number, address , telephone number and email address
Information about your dental and general health, including:
– Clinical records made by dentists and other dental professionals involved in your care or treatment
– X-rays, clinical photographs, digital scans of your mouth and teeth and study models
– Medical and dental histories
– Treatment plans and consent
– Notes of conversations with you about your care
– Dates of your appointments
– Details of any complaints you have made and how these complaints were dealt with
– Correspondence with other health professionals or institutions
Details of the fees we have charged, the amounts you have paid and some payment details
Why we process Personal Data (what is the “purpose”)
“Process” means we obtain, store, update and archive data.
Patient data is held for the purpose of providing patients with appropriate, high quality, safe and effective dental care and treatment.
What is the Lawful Basis for processing Personal Data?
The Law says we must tell you this:
We hold patients’ data because it is in our Legitimate Interest to do so. Without holding the data we cannot work effectively. [Also, we must hold data on NHS care and treatment as it is a Public Task required by law].
Who might we share your data with?
Most data is used only at the practice. We only share data if it is done securely and it is necessary to do so- for example with.
The hospital or community dental services or other health professionals caring for you (for example if we refer you to a specialist or need laboratory work undertaken)
NHS payment authorities
The Department for Work and Pensions and its agencies, where you are claiming exemption or remissions from NHS charges
Private dental schemes of which you are a member
We will only disclose your information on a need to know basis and will limit any information we share to the minimum necessary and make sure this is done securely.
In certain circumstances or if required by law we may need to disclose your information to a third party not connected to your healthcare, including HMRC or other law enforcement or government agencies.
Marketing – we will ask your permission to contact you with news and special offers about dental treatment we can provide.
You have the right to:
Be informed about the personal data we hold and why we hold it.
Access a copy of your data that we hold by contacting us directly in writing or by email: we will acknowledge your request and supply a response within one month or sooner. We do not usually charge you for copies of your information however if we pass on a charge we will explain the reasons.
Check the information we hold about you is correct and to make corrections if it is inaccurate
Have your data erased in certain circumstances although you should be aware that for legal reasons we may be unable to erase certain information (for example, information about your dental treatment)
Transfer your data to someone else if you tell us to do so and it is safe and legal to do so.
Tell us not to actively process or update your data in certain circumstances.
How long is the Personal Data stored for?
We will store patient data for as long as we are providing care, treatment or recalling patients for further care. We will archive (that is, store it without further action) for as long as is required for legal purposes as recommended by the NHS or other trusted experts recommend.
We must store employment data for six years after an employee has left.
We must store contractors’ data for seven years after the contract is ended.
What if I do not agree?
If you do not wish us to use your personal information as described, you should discuss the matter with your dentist. If you object to the way that we collect and use your information, we may not be able to continue to provide your dental care.
What if you are not happy or wish to raise a concern about our data processing?
If you do not wish us to use your personal information as described, you should discuss the matter with your dentist. If you wish to object to the way we collect and use your information we may not be able to continue to provide your dental care.
If you are not happy or wish to raise a concern please contact Sheena Tanna , our Data Protection lead and she will do her best to resolve the matter.
Alternatively you can contact our Data Protection Officer Samira Ahmed 4 Lawford Lane, Writtle Essex CM1 3EA Tel: 01245 421781
And/or The Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (0303 123 1113 or 01625 545745).
to the Information Commissioner at www.ico.org.uk/concerns or by calling 0303 123 1113.
How the NHS and care services use your information
Billericay Dental Care is one of many organisations working in the health and care system to improve care for patients and the public.
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, annoymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:
See what is meant by confidential patient information
Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
Find out more about the benefits of sharing data
Understand more about who uses the data
Find out how your data is protected
Be able to access the system to view, set or change your opt-out setting
Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and
https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
If you would like to opt out two forms need to be done:
Go on www.nhs.uk/your-nhs-data-matters. And register you would like to opt out.
Please email the practice manager at email@example.com to advise that you wish to opt out.
You can change your mind about your choice at any time.
Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation is currently compliant with the national data opt-out policy.
Date: October 2019
Review date: October 2020