Privacy Notice for Magpies Dental practice
for Patient Data
Magpies Dental practice takes great care to protect the personal data we hold for you in line with the requirements of the General Data Protection Regulation (GDPR).
The purpose of collecting and storing personal data about you is to ensure we can:
- Provide, appropriate, safe and effective dental care, treatment and advice for you
- Fulfil any contracts we hold in relation to your care
- For business administration of your care.
Personal data held for our patients
The personal data we process (processing includes obtaining the information, using it, storing it, securing it, disclosing it, and destroying it) for you includes:
- Name, address, date of birth
- Unique identification number
- Next of kin
- Email address
- Phone numbers
- GP contact details
- Medical history
- Dental care records
- Family group
- Payment plan details
- Financial information
- Credit cards receipts
- Details of any complaints received
- Information given on PR form regarding their exemption
We keep an inventory of personal data we hold on our patients and this is available on request.
Disclosure to third parties
The information we collect, and store will not be disclosed to anyone who does not need to see it.
We will share your personal information with third parties when required by law or to enable us to deliver a service to you or where we have another legitimate reason for doing so. Third parties we may share your personal information with may include:
- Regulatory authorities such as the General Dental Council or the Care Quality Commission
- NHS Local Authorities
- Dental payment plan administrators
- Insurance companies
- Loss assessors
- Fraud prevention agencies
- In the event of a possible sale of the practice at some time in the future.
We may also share personal information where we consider it to be in a patient’s best interest or if we have reason to believe an individual may be at risk of harm or abuse.
Personal privacy rights
Under the General Data Protection Regulation (GDPR) you have the following personal privacy rights in relation to the information we hold about you.
You have a right to:
- Access to and copies of your records.
- Have inaccuracies deleted.
- Have information about you erased. This should be seen in light of the need to keep records about your dental care in case you have any problems in the future.
- Object to direct marketing.
- Restrict the processing of your information, including automated decision-making.
- Take your data to another dental practice or anywhere else.
Patients who wish to have inaccuracies deleted or to have information erased must speak to the dentist who provided or provides their care.
Legal basis for processing data held about patients
The GDPR requires us to state the legal basis upon which we process all personal data for our patients and it requires us to inform you of the legal basis on which we process your personal data.
The legal basis on which we process personal information for our private, NHS and Plan patients is for the care and to provide treatment to our patients
Magpies Dental Practice will always obtain specific, opt in consent from you for direct marketing information. We obtain consent on our medical history form where there will be a tick box option.
We will also obtain specific, opt in consent from you for contacting you and in which form. If you are a new patient, we will obtain consent when you first attend the practice. If you are wan existing patient, we will obtain consent when you attend for your recall appointment or for a treatment appointment. We will refresh this consent annually when you complete a new medical history proforma.
Withdrawal of consent
After you have given your opt in consent you have a right to withdraw your consent at any time.
This practice retains dental records and orthodontic study models while you are a patient of our practice and after you cease to be a patient, for at least eleven years, or for children until age 25, whichever is the longer.
You have a right to complain about how we process your personal data. All complaints concerning personal data should be made in person or in writing to Sanjay Patel or Bharat Patel. All complaints will be dealt with in line with the practice complaints policy and procedures.
Transferring personal data outside the EU
This practice sends any necessary laboratory work to Unites States for invisalign
Laboratory work sent outside the EU will be labelled with your unique identifying number rather than your name. A record of the unique identifying number will be held at the practice.
This Privacy Notice was reviewed and implemented on: 10/05/2018
It will be reviewed annually and is due for review on: 10/05/2019 or prior to this date in accordance with new guidance or legislative changes