Privacy Policy
- provide, appropriate, safe and effective dental care, treatment and advice for all our patients.
- fulfil any contracts we hold in relation to their care.
- for business administration of their care.
Personal data held for our patients
- name, address, date of birth.
- unique identification number.
- next of kin
- email address.
- phone numbers.
- gp contact details.
- occupation.
- medical history.
- dental care records.
- photographs.
- family group.
- payment plan details.
- financial information.
- credit cards receipts.
- correspondence.
- details of any complaints received.
We keep an inventory of personal data we hold on our patients and this is available for patients on request.
Disclosure to third parties
We will share our patients’ personal information with third parties when required by law or to enable us to deliver a service to them or where we have another legitimate reason for doing so. Third parties we may share patients’ personal information with may include:
- regulatory authorities such as the general dental council or the care quality commission
- insurance companies
- loss assessors
- fraud prevention agencies
- in the event of a possible sale of the practice at some time in the future.
We may also share personal information where we consider it to be in a patient’s best interest or if we have reason to believe an individual may be at risk of harm or abuse.
Personal privacy rights
- right to subject access.
- right to have inaccuracies deleted.
- right to have information erased.
- right to object to direct marketing.
- right to restrict the processing of their information, including automated decision-making.
- right to data portability.
Patients who wish to have inaccuracies deleted or to have information erased must speak to the dentist who provided or provides their care.
Legal basis for processing data held about patients
- The legal basis for recording individual types of data are recorded in our patient personal data inventory. This is available for all patients to see on request.
- The legal basis on which we process personal information for our private patients is Legal obligation.
- The legal basis on which we process personal information for our payment plan patients is Legal obligation and legitimate interest.
- The legal basis on which we process personal information for our NHS patients is legal obligation.
- Automated decision making
- All individuals who have personal data held about them have a right to object to their personal data being subjected to automated decision making.
Consent
Caspian Dental Clinic always obtains specific, unambiguous opt in consent from all patients to whom we send direct marketing information.
For a new patient, we obtain consent for these things when the patient first attends the practice. For an existing patient, we ask the patient for consent when they attend for their recall appointment or for a treatment appointment. We refresh this consent when the patient completes a new medical history proforma.