The practice aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the Information Commissioner’s website as well as our professional guidelines and requirements.
Barry Kasai is the data controller, Information Governance Lead and the Data Protection Officer for Wellington Dental Practice.
This Privacy Notice is available on the practice website at www.wellingtondentalpractice.com/privacynotice at reception, by email if you contact firstname.lastname@example.org or by calling 01823 661 555.
You will be asked to provide personal information when joining the practice. The purpose of processing your personal data is to provide you with optimum dental health care and prevention.
The categories and examples of data we process are:
- Personal data for the provision of dental health care.
- Personal data for the purposes of providing treatment plans, recall appointments, reminders or estimates.
- Personal data such as details of family members for the provision of health care to children or for emergency contact details.
- Personal data for the purposes of employed and self-employed team members employment and engagement respectively.
- Personal data for the purposes of direct mail, email and text to inform you of important announcements or about new treatments or services.
- Personal data – IP addresses so that we can understand our patients better and inform our marketing approach as well as improve the web site experience.
- Special category data including health records for the purposes of the delivery of health care and meeting our legal obligations.
- Special category data including health records.
- Special category data to meet the requirements of the Equality Act 2010.
- Special category data details of criminal record checks for employees and contracted team members.
We minimise the data that we keep, and do not keep it for longer than necessary.
We never pass your personal details to a third party unless we have a contract for them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a patient to another practitioner or to secondary care such as a hospital we will gain the individual’s permission before the referral is made and the personal data is shared.
Your data will be shared with the NHS in England, Scotland and Wales or the HSC in Northern Ireland if you are having NHS or HSC treatment.
- Personal data is stored in the [EU] whether in digital or hard copy format.
- Personal data is stored in the US in digital format when the data storage company is certified with the EU-US Privacy Shield.
- Personal data is obtained when a patient joins the practice, when a patient is referred to the practice and when a patient subscribes to an email list.
For full details or where your data is stored, please ask to see Information Governance Procedures.