McGrath Dental will keep your records safe as we comply with General Data Protection Regulation (GDPR) 2018. General Data Protection Regulation 2018 definition states that ‘any information relating to an identified or identifiable natural person replaces Data Protection Act 1998 (DPA) and introduces new requirements’. We will ensure that your information is processed fairly, lawfully, in a transparent manner and is collected only for specified legitimate and explicit purposes. GDPR covers data which is kept by automated means and manual filing systems.
6 Data Protection Principles Under GDPR
- Data must be processed lawfully, fairly and in a transparent manner in relation to individuals
- Data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purpose in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes
- Data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- Data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purpose for which they are processed are erased or rectified without delay
- Data must be kept in a form which permits identification of data subjects (you the patient) for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purpose subject to implementation of the appropriate technical organisational measures required by the GDPR in order to safeguard the right and freedoms of individuals and
- Data must be processed in a manner that ensures appropriate security of the personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
Information We Will Obtain:
We will continue to hold any personal details you have disclosed to the practice such as your:
- Telephone number
- Email address
We will also have on your records your:
- Past and current medical/dental information
- Radiographs (X-Rays), clinical photographs and study models
- Information about the treatment we have either proposed or provided and its cost
- Notes of conversations or incidents such as why you are attending an appointment or if we have been unable to contact you and the reasoning
- Consent forms relevant to your proposed/current or previous treatment
- Any correspondence relating to you with other health care professionals, for example if you have been referred from another dental practice or if we have referred you to a specialist
- How you heard about McGrath Dental
What Will We Do with Your Information?
We will continue to ask our patients to provide us with accurate personal sensitive identifiabledata to enable the practice team to deliver safe and appropriate systems of dental care. This allows us to keep your sensitive data up to date and relevant to its purpose for use.
As a dental practice, we are required to retain your dental records, X- rays and study models while you are a patient of this practice and even if you are no longer a patient, for at least eleven years or until age 25, whichever is longest.
All staff at McGrath Dental take security of your personal sensitive identifiable information very seriously, any data we hold on your records is kept secure on our practice softwarewhich is an electronic systembacked up on a secure server via Dental IT Ltd, our systems to maintain security are of paramount importance to us all, our computers holding your secure information is password protected and updated regularly. The information is only accessible to authorised personnel. i.e. the practice team involved in your care.
Who will your information be shared with?
Via your consent which is freely given, informed and unambiguous, your information will be used to inform you of otherdental services that we provide or introduce, such as additional clinics or treatment offers.
Again, via your consent and only at your request we will share some of your information with third parties such as:
- Denplan (dental payment plan specialists)
- Finance 4 Patients (online application for dental treatment to be paid for with interest free finance or interest-bearing finance)
- Private dental schemes of which you are already a member
- Referrals to other health care services e.g. general medical practitioner, hospital referral, specialist’s dental practitioners or dental laboratories
McGrath Dental will only disclose information that the recipient needs to know.
Your Individual Rights
Data subjects (patients) have the following rights regarding their personal data under GDPR:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right not to be subject to automated decision making including profiling
Lawful Basis for Processing
Personal data will only be processed:
- With your consent
- Legitimate interests
- Performance of a contract
- Legal obligation
- Vital interest
- Public task
When required by police, law or a court order, personal data will have to be disclosed to a third party not connected with your dental care. Where possible you will be informed of these requests for disclosure.
You have the right to withdraw your consent at any time without repercussion from withdrawal.
If you have any concerns with the way we are handling your data, please do not hesitate to call the practice on 0151 329 2888 and ask to speak with Andrea Holmes our practice manager. Alternatively, you can contact the Information Commissioner’s Office at www.ico.org.uk