Practice Policy GDPR
The Gill Clinic complies with the new General Data Protect regulation and the Data protection act 1998. This policy describes our procedures for ensuring that personal information about patients is processed fairly and lawfully.
Personal data that we hold, we must keep comprehensive and accurate personal data about you to provide you with a high standard of appropriate dental care.
The personal data that we hold includes:
Personal details such as your date of birth,NHS number, address, telephone number, email address and your general medical practitioner
- Your past and current medical and dental health.
- Radiographs, clinical photographs and study models.
- Information about the treatment that we have provided or propose to provide and its cost.
- Notes of conversations about your care.
- Records of consent to treatment.
- Correspondence with other health care professionals relating to you, for example in the practice or community services.
Processing data,We will process this personal data in the following way:
We will retain your dental records while you are a practice patient and after you cease to be a patient, for at least eleven years or, for children, until age of 25, whichever is the longer. Security of information Personal data about you is held in the practice computer system and in some cases achieved paper records. The information is not accessible to the public; only authorised members of staff have access to it. Staff are trained yearly in their legal responsibilities under the Data Protection Act and practical procedures for maintaining confidentiality.
We take precautions to keep the practice premises, filing systems and computers physically secure. Our computer system has secure audit trails and we back-up information daily. We use cloud computing facilities for the storage and processing of some of your data. The practice has a rigorous service level agreement with Software of excellence, our dental software provider to ensure that all our obligations in this policy are fulfilled and that your information is secure.
Disclosure of information:
To provide proper and safe dental care, we may need to disclose personal information about you to:
. your general medical practitioner
- The hospital or community dental services
- Other health professionals caring for you
- Private dental insurance schemes of which you are a member. Where possible, you will be informed of these requests for disclosure.
Disclosure: will take place on a ‘need-to-know’ basis. We will only provide information to individuals or organisations that need it to provide care to you or to ensure the proper administration of government (whose personnel are covered by strict confidentiality rules). We will only disclose information that the recipient needs to have. In limited circumstances or if required by law or a court order, personal data may be disclosed to a third party not connected with your health care. In all other situations, disclosure that is not covered by this Code of Practice will only occur when we have your specific consent.
Access: You can have access to the data that we hold about you and receive a copy by submitting a written request. This request is free of charge however we may charge a reasonable fee when a request is excessive or repetitive. The fee will be based on the administrative cost of providing the information requested. We will provide the requested information (and an explanation if you require it) within 30 days of receiving your request. It may be necessary to extend this period by a further two months where requests are complex or numerous. We will inform you within one month of receipt of the request and explain why the extension is necessary. If you do not agree If you do not wish personal data that we hold about you to be disclosed or used in the way that is described in this Code, you should discuss the matter with your dentist. You should be aware; however, that objecting to how we process your information may affect our ability to provide you with dental care