Data Protection policy

At well:o we are committed to protecting the privacy and confidentiality of our patients’ personal information. Well:o complies with the 1998 Data Protection Act and the freedom of information Act 2000.

This data protection policy outlines the measures we have in place to ensure the security and integrity of the date we collect and process. This policy applies to all employees contractors, and third-party service providers who handle personal date on our behalf.

To provide our patients with a high standard of dental care, we need to hold personal information about you. We will always obtain consent from individuals before collecting data.

This personal data comprises:
 – Personal details such as your name, age, address, telephone numbers, email   address and your GP details
 – Your past and current medical and dental history
 – Radiographs, clinical photographs
– Information about the treatment we have provided or propose to provide with costs outlined
– Notes of conversations or incidents that might occur for which a record needs to be kept
 – Records of consent to treatment
– Any correspondence (relating to you) with other healthcare professionals: such as referrals to specialists, dentists, for example.

We need to keep comprehensive and accurate personal information about our patients to provide them with safe and appropriate dental care. We will retain your dental records while you are a practice patient. If you cease to be a patient, we will continue to hold them for at least eleven years, or in the case of children until they reach the age of 25, whichever is longer. Personal data about you is held in the practice’s computer system and/or in a manual filing system.
The information is not accessible to the public and only authorised members of staff have access to it. Our computer system has secure audit trails, and we back up information on every working day. To provide thorough and safe dental care, we may need to disclose personal information about you to:

– Your general medical practitioner
– The hospital or community dental services
– Other health care professionals caring for you
– Dental Insurance companies of which you are a member
– Private dental schemes of which you are a member

Disclosure will take place on a ‘need-to-know’ basis. Information will only be given to those individuals/organisations who need to have it to provide care to you and for the proper administration of Government (whose personnel are also covered by strict confidentiality rules). The recipient will only be given the information that they need to know for these purposes.

In very limited circumstances or when required by law or by court order, personal data may have to be disclosed to a third party not connected with your dental care. In all other situations, disclosure that is not covered by this policy will occur only when we have your specific consent. Where possible you will be informed of these requests for disclosure.

You have the right to access, rectify, and erase your personal data held by us. You also have the right to restrict or object to the processing of your data, as well as the right to data portability. Any access may be obtained by making a request in writing.

If a request is made to copy x-rays, an extra charge of £45 will be made. We will provide a copy of the record within 40 days of receipt of the request and fee and an explanation of your record should you require it.

If you move to another practice, we may (at our discretion) loan original x-rays and provide copy notes direct to that practice free of charge on receipt of a written request from them to do so.

In the event of a data breach that poses a risk to individuals’ rights and freedoms, we will notify the affected individuals and the relevant supervisory authority within the required timeframe.

All employees, contractors and third-party service providers who handle personal data on our behalf of the clinic will receive training on data protection policies and procedures. Regular audits and assessments will be conducted to ensure compliance with this policy and applicable data protection laws.

By adhering to this data protection policy, we aim to maintain the trust and confidence of our patients and ensure the security and privacy of personal information. You have the right to object, but please remember that this may affect our ability to provide you with dental care.