Privacy policy
We are committed to safeguarding and preserving the privacy of our visitors.
This privacy policy explains what happens to any personal data that you provide to us, or that we collect from you whilst you visit our site.
Users may visit our site anonymously. We will collect personal identification information from our site users only if you voluntarily submit such information to us as part of taking part in the activity of the site.
We do update this policy from time to time so please do review this policy regularly.
THE WEBSITE
We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
THIRD PARTY LINKS
Although this website only looks to include quality, safe and relevant external links users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
PERSONAL DATA
Users contacting us through the website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2018. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
No personal details are passed on to third parties nor shared with companies or people outside of the company that operates this website.
PRACTICE DATA PROTECTION POLICY
Banbeath dental practice is committed to ensuring the security of personal data held by the practice. The objective is achieved by every member of the team complying with the policy. The practice is further committed to complying with Data Protection Act 1998, General Data Protection Regulation (GDPR) and GDC Standards, by collecting, holding, maintaining and accessing data in an open and fair fashion.
All data is:
Hard copy and computerised records are stored, reviewed and updated securely and confidentially. Records are securely destroyed when no longer required. Confidential information is only seen by personnel who need to see it and the team are trained on our policies and procedures to keep patient information confidential.
Personnel records will only be seen by appropriate management.
Criminal record check information is kept securely in a lockable, non-portable storage cabinet with access strictly controlled and limited to persons who need to have access to this information in the course of their duties. Criminal record disclosure details (CRB/DBS checks) are not kept for longer than necessary. They are kept for no longer than six months after the decision has been made to appoint or not, from appointment or for six months from the date the applicant was unsuccessful, to allow for the consideration and resolution of any disputes or complaints.
Patients' records will only be seen by appropriate team members. To facilitate patients' health care the personal information about them may be disclosed to a doctor, health care professional, hospital, NHS authorities, the Inland Revenue, the Benefits Agency (when claiming exemption or remission from NHS charges) or private dental schemes of which the patient is a member. In all cases, the information shared will be only that which is relevant to the situation. In very limited cases, such as for identification purposes, or if required by law, information may have to be shared with a party not involved in the patients' health care. In all other cases, information will not be disclosed to such a third party without the patient's written authority.
All confidential information is sent via secure methods. Electronic communications and stored date are encrypted. All computerised clinical records are backed up and encrypted copies are kept off site.
Confidentiality
ACCESS TO RECORDS (SUBJECT ACCESS REQUESTS)
Patients and team members can have access to the original of the records kept about them free of charge. To receive a copy of all records kept about them by the practice, a team member or patient should make a written request to the practice manager. An appropriate fee will be calculated to cover administrative costs if the request is deemed to be 'manifestly unfounded or excessive'. Copies will be provided by the practice manager no later than one month from receipt of this request. An employee or patient may challenge information help on record and following investigation should the information be inaccurate; the practice will correct this information and inform the employee/patient of the change in writing.
CONTACTING US
If you have any questions about this privacy policy, the practices of this site, or your dealings with this site, please contact us.
This privacy policy explains what happens to any personal data that you provide to us, or that we collect from you whilst you visit our site.
Users may visit our site anonymously. We will collect personal identification information from our site users only if you voluntarily submit such information to us as part of taking part in the activity of the site.
We do update this policy from time to time so please do review this policy regularly.
THE WEBSITE
We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
THIRD PARTY LINKS
Although this website only looks to include quality, safe and relevant external links users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
PERSONAL DATA
Users contacting us through the website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2018. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
No personal details are passed on to third parties nor shared with companies or people outside of the company that operates this website.
PRACTICE DATA PROTECTION POLICY
Banbeath dental practice is committed to ensuring the security of personal data held by the practice. The objective is achieved by every member of the team complying with the policy. The practice is further committed to complying with Data Protection Act 1998, General Data Protection Regulation (GDPR) and GDC Standards, by collecting, holding, maintaining and accessing data in an open and fair fashion.
All data is:
- Processed fairly and lawfully.
- Obtained only for specified and lawful purposes and further processed only in a compatible manner.
- Adequate, relevant and not excessive to the purpose of processing.
- Accurate and kept up to date.
- Kept no longer than necessary.
- Processed in accordance with the rights of the data subjects.
- Kept secure and confidential.
- Not transferred outside the EEA unless adequate protection is provided.
Hard copy and computerised records are stored, reviewed and updated securely and confidentially. Records are securely destroyed when no longer required. Confidential information is only seen by personnel who need to see it and the team are trained on our policies and procedures to keep patient information confidential.
Personnel records will only be seen by appropriate management.
Criminal record check information is kept securely in a lockable, non-portable storage cabinet with access strictly controlled and limited to persons who need to have access to this information in the course of their duties. Criminal record disclosure details (CRB/DBS checks) are not kept for longer than necessary. They are kept for no longer than six months after the decision has been made to appoint or not, from appointment or for six months from the date the applicant was unsuccessful, to allow for the consideration and resolution of any disputes or complaints.
Patients' records will only be seen by appropriate team members. To facilitate patients' health care the personal information about them may be disclosed to a doctor, health care professional, hospital, NHS authorities, the Inland Revenue, the Benefits Agency (when claiming exemption or remission from NHS charges) or private dental schemes of which the patient is a member. In all cases, the information shared will be only that which is relevant to the situation. In very limited cases, such as for identification purposes, or if required by law, information may have to be shared with a party not involved in the patients' health care. In all other cases, information will not be disclosed to such a third party without the patient's written authority.
All confidential information is sent via secure methods. Electronic communications and stored date are encrypted. All computerised clinical records are backed up and encrypted copies are kept off site.
Confidentiality
- All staff employment contracts contain a confidentiality clause.
- Access to personal data is on a 'need to know' basis only. Access to information is monitored and breaches of security will be dealt with swiftly by Esme Jardine.
- We have procedures in place to ensure that personal data is regularly reviewed, updated and deleted in a confidential manner when no longer required. The practice adheres to the minimum legal requirements for keeping all clinical records. These are eleven years for adults and up to the age of 25 or eleven years, whichever is longer, for children - although medico-legal organisations prefer that all health records are kept indefinitely. Patients and staff have the right to access their records and receive a copy, after making a request in writing. The practice must comply with one month of receipt. There will be no fee for this unless manifestly unfounded or excessive, in which case a 'reasonable fee' will be charged to cover administrative costs for processing this information.
- All patients and staff members should be informed that the practice will process their personal data and if required, they should be given an explanation of how the data is going to be processed and provided with a copy of the Data Protection Policy.
- Personal data is only taken away from the practice premises in exceptional circumstances and when authorised by Esme Jardine. If personal data is taken from the premises, it must never be left unattended in a car or in a public place.
- Personnel records are kept in a lockable fireproof cabinet, which is not easily accessible by patients and visitors to the practice.
- Efforts have been made to secure the practice against theft by, for example, the use of intruder alarms, lockable windows and doors.
- The practice has in place, a business continuity plan in case of a disaster. This includes procedures set out for protecting and restoring personal data.
- Appropriate software controls are used to protect computerised records, for example the use of passwords and encryption. Passwords are only known to those who require access to the information, are changed on a regular basis and are not written down or kept near or on the computer for others to see. All users should log off the computer when not present in the surgery/reception/office.
- Daily and weekly back-ups are also tested at prescribed intervals to ensure that they information being stored is usable - should it be needed.
- Staff using practice computers will undertake computer training to avoid unintentional deletion or corruption of information.
- Dental computer systems all have a full audit trail facility - preventing the erasure or overwriting of data. The system records details of any amendments made to data, who made them and when.
- Precautions are taken to avoid loss of data through the introduction of computer viruses security measures.
ACCESS TO RECORDS (SUBJECT ACCESS REQUESTS)
Patients and team members can have access to the original of the records kept about them free of charge. To receive a copy of all records kept about them by the practice, a team member or patient should make a written request to the practice manager. An appropriate fee will be calculated to cover administrative costs if the request is deemed to be 'manifestly unfounded or excessive'. Copies will be provided by the practice manager no later than one month from receipt of this request. An employee or patient may challenge information help on record and following investigation should the information be inaccurate; the practice will correct this information and inform the employee/patient of the change in writing.
CONTACTING US
If you have any questions about this privacy policy, the practices of this site, or your dealings with this site, please contact us.
