Happy Smiles Dental Practice Privacy notice
Practice communication for all patient data
In accordance with General data Protection Regulations ( GDPR )
Happy Smiles Family Dental Practice is committed to protecting the privacy and security of your personal information.
This privacy notice describes how we collect and use personal information about patients during and after any treatment with us, in accordance with the General Data Protection Regulation (GDPR).
Happy Smiles Family Dental Practice is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you as a patient. We are required under data protection legislation to notify you of the information contained in this privacy notice.
This notice applies to current and former patients of Happy Smiles Family Dental Practice. It does not form part of any contract to provide services. We may update this notice at any time.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information. A copy of the full GDPR Policy and Procedure is available for review at the Practice/Entity.
- DATA PROTECTION PRINCIPLES
We will comply with data protection law. This says that the personal information we hold about you must be:
1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.
6. Kept securely.
2. THE KIND OF INFORMATION WE HOLD ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
There are “special categories” of more sensitive personal data which require a higher level of protection.
We may collect the following information about you:
- Personal details such as your name, date of birth, national insurance number, NHS number, address, telephone number, email address and exemption data
- Information about your dental and general health, including
- Clinical records made by dentists and other dental professionals involved with your care and treatment
- X-rays, clinical photographs, digital scans of your mouth and teeth, and study models
- Medical and dental histories
- Treatment plans and consent
- Notes of conversations with you about your care
- Dates of your appointments
- Details of any complaints you have made and how these complaints were dealt with
- Correspondence with other health professionals or institutions
- Details of the fees we have charged, the amounts you have paid and some payment details
This list is not exhaustive.
Mr B D Coleyshaw the practice owner is responsible for keeping secure the information about you that we hold.
Our data protection lead is Angela Mayhew she ensures that the practice complies with data protection requirements to ensure that we collect, use, store and dispose of your information responsibly.
Those at the practice who have access to your information include dentists and other dental professionals involved with your care and treatment, and the reception staff responsible for the management and administration of the practice.
3 HOW WE WILL USE INFORMATION ABOUT YOU
To provide you with the dental care and treatment that you need, we require up-to-date and accurate information about you.
We will share your information with the NHS and Practice plan if you are a member in connection with your dental treatment only.
We will seek your preference for how we contact you about your dental care. Our usual methods are telephone, email or letter.
We send out text reminders for the purpose of reminding you about your appointment, we feel this benefits you and the practice and is in your legitimate interests to receive these however we will check your consent to receive these at your first appointment, if you change your mind and do not want to receive these please notify reception.
-We do not use these reminders for marketing purposes.
4 SHARING INFORMATION
Your information is normally used only by those working at the practice but there may be instances where we need to share it – for example, with:
- Your doctor
- The hospital or community dental services or other health professionals caring for you for purpose of referral. A copy of your referral is kept on file if required
- NHS payment authorities
- The Department for Work and Pensions and its agencies, where you are claiming exemption or remission from NHS charges
- Private dental schemes of which you are a member.
- Dental Laboratories – when undertaking some dental work we use a dental lab and may send your Name, DOB, Dental Impressions/teeth models for purpose of your treatment. We have strict confidentiality agreements in place with the labs to control and protect your data.
- TxT Connexions for text reminder services.
- Dental IT support and patient software for purposes of back up and treatment data
We will only disclose your information on a need-to-know basis and will limit any information that we share to the minimum necessary.
Why might you share my personal information with third parties?
We will share your personal information with third parties where required by law, where it is necessary to deliver a service to you or where we have another legitimate interest in doing so.
5 KEEPING YOUR INFORMATION SAFE
We store your personal information securely on our practice computer system and in a manual filing system. Your information cannot be accessed by those who do not work at the practice; only those working at the practice have access to your information. They understand their legal responsibility to maintain confidentiality and follow practice procedures to ensure this.
We take precautions to ensure security of the practice premises, the practice filing systems and computers
We use high-quality specialist dental software to record and use your personal information safely and effectively. Our computer system has a secure audit trail and we back-up information routinely.
We use cloud computing facilities for storing some of your information for back up purposes. The practice has a rigorous agreement with our provider Computors of Wolverhampton to ensure that we meet the obligations described in this policy and that we keep your information secure.
We keep your records for 11 years after the date of your last visit to the Practice or until you reach the age of 25 years (children), whichever is the longer.
6 ACCESS TO YOUR INFORMATION AND OTHER RIGHTS
You have a right to access the information that we hold about you and to receive a copy. You should submit your request to the practice in writing or by email. We do not usually charge you for copies of your information; if we pass on a charge, we will explain the reasons.
You can also request us to
- Correct any information that you believe is inaccurate or incomplete. If we have disclosed that information to a third party, we will let them know about the change
- Erase information we hold although you should be aware that, for legal reasons, we may be unable to erase certain information (for example, information about your dental treatment)
- Stop using your information – for example, sending you reminders for appointments or information about our service
- Supply your information electronically to another dentist we would need a data processing agreement in place for this occur to protect your data and privacy.
If you do not agree
If you do not wish us to use your personal information as described, you should discuss the matter with your dentist. If you object to the way that we collect and use your information, we may not be able to continue to provide your dental care.
- NO FEE USUALLY REQUIRED
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
- WHAT WE MAY NEED FROM YOU
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
- RIGHT TO WITHDRAW CONSENT
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent please contact Mr B Coleyshaw ,Practice owner .Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate bas
If you have any concerns about how we use your information and you do not feel able to discuss it with your dentist or anyone at the practice, you should contact The Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (0303 123 1113 or 01625 545745).