Our Commitment To You and Your Personal Data
Personal data is protected by law under the Data Protection Act 2018 Only information necessary to carry out dental treatment safely, efficiently and effectively is collected. It is stored securely and destroyed after eleven years or in the case of children up to the age of twenty five years, whichever is the longer. The information is only shared with other health professionals to help provide care. It can be shared with other organisations such as Benefit Agency, Inland Revenue or when required by law or a court order. Patients have the right to access the personal information that we hold about them.
The General Data Protection Regulations (GDPR)
What is GDPR?
The GDPR is the biggest change to data protection law in over 20 years. The aim is to give individuals more control over how their personal information is handled. This includes how we handle your data as a patient of our practice! Remember, as a patient of our practice, your information is also governed by the Care Quality Commission and General Dental Council regulations, not just GDPR. Below is a summary of how GDPR impacts you.
What kind of personal data does this include?
Personal data includes everything ranging from basic contact details like your name, phone number, email address and home address - right through to more complex and sensitive personal data like scans, x-rays, pictures and information about your oral health and overall health.
Lawfulness, fairness & transparency
We will process your personal data in a way that is fair, transparent and in keeping with the law.
We will only process personal data for the purposes for which it was collected - in order to provide you with the best quality care and to operate our dental practice.
We will not keep your personal data for any longer than necessary for us to provide our care to you, and we will delete any data that we no longer need to keep.
We will only collect the personal data that we need in order for us to provide our care to you and operate our dental practice.
We will ensure that the personal data we hold on you is accurate and up to date - and update it promptly when you inform us of any changes.
Integrity & confidentiality
We will ensure that we have the necessary measures in place to protect your personal data and make sure it’s kept secure.
We will be accountable for your personal data and make sure that any third parties we share your data with in order to provide you with our care are held to the same standard.
What rights will I have under GDPR as a patient?
As a patient you have a number of rights concerning your personal data. GDPR is strengthening these rights, as well as introducing new ones.
The right to be informed
You have a right to know how your personal data is processed, how long we keep it for and who your data is shared with in a clear and transparent privacy notice.
The right of access
You will have the right to access any personal information we hold about you at the practice, free of charge. You can ask for this by completing a “subject access request” and we will respond within one month.
The right to rectification
You have the right to have your personal information corrected in a timely fashion if you believe it’s inaccurate or incomplete.
The right to erasure
Also known as the “right to be forgotten”, you have the right to ask for your personal data to be deleted when we no longer need your personal data.
The right to restrict
In certain circumstances, you have the right to restrict or limit the extent to which we process your personal data.
The right to data portability
You have the right to request a copy of your personal information in a structured, commonly-used, machine-readable format and ask for it to be sent to another dental practice.
The right to object
You have the right to object to us processing your personal information for certain things, including direct marketing.
The service we offer
We will respond to a FOI/Data subject access request within thirty days, requests must be in writing and addressed to the Data Protection Officer stating the name of the applicant, and address for correspondence and a description of the information required. The Data Protection Officer will require you to complete a FOI/Data subject access request form which can be requested at the reception or via email at firstname.lastname@example.org
Information Commissioners Office
FOI Act 2000
This guidance will be updated regularly. Any comments or suggestions about this guidance should be addressed to the Practice Principal at Wallasey Village Dental Practice, 39 Leasowe Road, Wallasey Village, Wallasey, CH45 8NY.