Practice Privacy Statement
Obtaining personal information
It is important to obtain, use and store information about you, your general and your dental health in order to provide dental care efficiently and reduce the risk of injury or other damage to your health. This personal data includes:
- Personal details such as your name, age, address, telephone numbers, email address
- Your doctor and relevant Medical Consultant(s)
- Your medical and dental history
- X-rays, clinical photographs and study models
- Information about proposed treatment, options, consent to treatment, treatment provided and its cost
- Notes of conversations or incidents that might occur for which a record needs to be kept
- Any correspondence with other healthcare professionals relating to you including agreed referrals to other healthcare professionals
Your personal information is stored on a computer.This practice is registered with the Data Protection Commissioner.Your personal data is retained in your manual record.
We will regularly update your personal data, including your medical care, to keep it relevant. We ask that you please inform us of any significant changes, such as a change of address or other contact details, at your earliest convenience. It is important to know that the collection, use or possible disclosure of this data may be crucial to our ability to safely provide you with the care you require; without your agreement to this process it may not be possible to undertake treatment.
You have access to a copy of your personal data upon written request and the right to have data rectified if incorrect.
Personal data is kept for specified, explicit and lawful purposes
Your personal data is obtained, kept and used primarily for the purpose of providing you with healthcare efficiently and safely at all times.Staff within the practice will have access to the data on a ‘need-to-know’ basis to ensure you receive the highest standard of care.In the course of your care, members of the dental team may access your records:
- To prepare for and to complete your dental care
- To identify and print a prescription
- To generate a work certificate
- To type, if dictated or print a referral letter to another healthcare professional
- To open correspondence or any other documents from other healthcare professionals
- To print or photocopy your records if you instruct us to forward them to another healthcare professional
- To collate, print, photocopy and post insurance or medico-legal reports.
It is practice policy to send you a reminder of when your next ‘check-up’ is due. This reminder is sent to you by post/electronic mail or SMS. We seek your consent to use your personal data for this propose and advise you of your right to refuse to have your data used for this purpose.
Personal data is only used and disclosed for the purpose of your care
All members of the dental team adhere to the practice’s Code on Confidentiality in compliance with the Data Protection Acts, 1988 and 2003, and the Dental Council’s Code of Practice relating to Professional Behaviour and Ethical Conduct, 2012.
Any disclosure of personal data, without your consent, can only be done for specified, legitimate reasons (Data Protection Act, 1988; Section 10, Dental Council’s Code of Practice relating to Professional Behaviour and Ethical Conduct, 2012).
Access to your personal data is on a ‘need-to-know’ basis. This prohibits the release of your information to a spouse, partner or family member without your explicit consent. A guardian or carer may have the right to access information in the case of vulnerable adults or those with diminished mental capacity. A parent or guardian will have access to your personal information if you are less than 16 years of age.
A copy of your dental records will be transferred to another practice or healthcare professional upon your written request.
Your consent will be sought before the release of any data to other healthcare professionals and then only the relevant part of your records will be released.All healthcare professionals are required to treat your personal data to the same standard of privacy as outlined in this statement.
Your consent will be sought in the case of:
- A report to dental insurance company
- A medico-legal report
- Any documentation relating to a “third party” Dental Scheme (e.g. PRSI scheme)
There are certain activities where patient information may be used.
- Continuing Professional Development. Case studies are a very useful learning tool
- Quality Assurance/Internal audit. Audit is a necessary tool in assessing and assuring the quality of your care
If DENTIST should cease practice or should die while still a practicing dentist, the dental team will be guided by the Dental Council’s Code of Practice relating to Professional Behaviour and Ethical Conduct in informing you, safeguarding your personal data and ensuring continuity of care where possible.
Every effort is made to ensure disclosed personal data is accurate and transferred securely.
Personal data is kept safely
Obtained personal data is accessed on a ‘need-to-know’ basis and thereafter, is stored securely:
- There is no access for unauthorised persons to manual records, fax machines, computers or computer monitors within the practice.
- The dental team is trained in the secure use of email and the internet
- The dental team is compliant with the practice’s security measures
- Manual records are stored under lock and key
- The practice premises is locked and alarmed when unoccupied
- The practice software is legally owned
- The practice software is updated regularly and password protected
- Software security is audited
- All clinical, financial and administrative records are backed up off-site daily.
Personal data is kept accurate, complete and up-to-date
A staff member will review your personal information with you on a regular basis to ensure we hold accurate, high quality records for you. Any changes to your personal details, your medical or dental status will be recorded in your records. We ask you to let us know of any changes in contact details at your earliest convenience.
Personal data is adequate, relevant and not excessive
Every effort is made to ensure that the information we collect and retain for you is in keeping with our aim to provide you with an efficient service and to care for you safely. We will explain the purpose of any information sought if you are not sure why.
Personal data is retained for no longer than necessary
We retain all adult records for 8 years after the last treatment. In the case of children and young adults, the records are kept until the patient’s 25th birthday; or their 26th birthday if the young person was 17 when they finished treatment. If a patient dies before their 18th birthday, records are kept for 8 years.
All records are disposed by a secure, certified, method of destruction (Dental Council Code of Practice relating to Professional Behaviour and Ethical Conduct, 2012).
You are legally entitled to a photocopy of your personal data upon written request. As well as a right of access you also have the right to have any inaccuracies in your data rectified and to have the data erased. (NOTE: The maximum fee for an access request is €6.35). You will be provided with a photocopy of an x-ray in response to an access request.
All written requests should be addressed to:
Shields Dental and Implant Clinic
10 Ashdown Centre
South Circular Road
Your request will be dealt with in a timely manner.
It is your right to have your name removed from all practice marketing information including ‘check-up’ recalls if you do not consider this information to be in your best interest. If you wish to be removed from our appointment texting service or our marketing/mailing lists please contact clinic.
If you do not wish to have your personal data collected, used or disclosed as described in this Statement please discuss this matter with Shields It is important to know that the collection, use or possible disclosure of this data may be crucial to our ability to safely provide you with the care you require; without your agreement to this process it may not be possible to undertake treatment.
If you have a complaint or concern with any aspect of how we process your personal information we would hope that you would notify the business manager in the first place. You retain the right to make a complaint to the Data Protection Commissioner at all times.
Cookies and Similar Technologies on our Website:
If you delete your cookies, change browsers or use a different cookie, our cookie (or an opt-out cookie) may no longer work and you will have to re-input (or opt-out) again.
Analytics and Conversion Tracking:
We may collect information about your computer, including your IP address, operating system and browser type, for system administration and in order to create reports. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Like many services, the Analytics Service uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.
Cookies contain information that is transferred to your computer’s hard drive. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the site before and what site referred the visitor to the web page.
The Analytics Service collects information anonymously. They report website trends without identifying individual visitors. You can opt out of the Analytics Service without affecting how you visit our site. For more information on opting out of being tracked by Google Analytics across all websites you use, visit https://tools.google.com/dlpage/gaoptout.
We may also use Google conversion tracking and/or similar services to help us understand your and other users’ use of our Website.
Online payments are processed by Stripe. Stripe is fully GDPR-compliant. No financial information is obtained by Shields Dental & Implant Clinic when payments are made via the Stripe payment form.
Automatically Collected Information:
When you access our Website or open one of our HTML emails, we may automatically record certain information from your system by using cookies and other types of tracking technologies. This “automatically collected” information may include Internet Protocol address (“IP Address”), a unique user ID, device type, device identifiers, browser types and language, referring and exit pages, platform type, version of software installed, system type, the content and pages that you access on our Website, the number of clicks, the amount of time spent on pages, the dates and times that you visit our Website, and other similar information. Depending on the law of your country of residence, your IP address may legally be considered personally identifiable information.
Your Disclosures in our Blogs and other Social Media:
You should be aware that personally identifiable information which you voluntarily include and transmit online on our Website or in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum such as an in-person panel or survey, may be viewed and used by others without any restrictions. We are unable to control such uses of your personally identifiable information, and by using our Website or any other online services you assume the risk that the personally identifiable information provided by you may be viewed and used by third parties for any number of purposes.
As a convenience to you, we may provide links to third-party Services from within our Website. We are not responsible for the privacy practices or content of these third-party sites. When you link away from our Website, you do so at your own risk.
No Rights of Third Parties:
If you have any questions in relation to this Statement or any issue that arises from it, please speak with the business manager who is contactable by emailing firstname.lastname@example.org or phoning us at 061-480070.