The StormDental processes personal identifiable information that relates to patients and is therefore required by law to comply with the General Data Protection Regulations (GDPR), which protect your privacy and ensure that your personal information is processed fairly and lawfully.
Data Controllers are Mr W Storm and Mrs G Storm
Our Data Protection Officer is Laura Mitchell
Our Commitment to Patients
The StormDental is committed to ensuring that it complies with GDPR and applies ethical principles to all aspects of its work to protect the interests of patients and maintain the confidentiality and security of any personal information held in any form by the practice.
Why Does the Practice Hold Personal Information About Me?
We keep information about you to:
- ensure the dental team can contact you easily;
- provide you with the best possible dental care;
- provide care for you under the NHS and enable administration of the NHS.
Our legal basis for holding this information is: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
How does the Practice Collect Personal Information?
We collect personal information either directly from you or are provided with it by third parties, such as other dental or medical providers. It is important that the personal information we hold about you is accurate and current. Please keep us informed of any changes to your personal information.
What Personal Information is kept?
Personal information includes facts (e.g. treatment you have had) and opinions (e.g. any concerns you or your dentist might have about your dental health). To provide the best possible care for you, accurate and comprehensive personal information is required. The following records are kept and updated regularly.
- personal information and contact details, including your name, address and date of birth, telephone number, mobile number and e-mail address;
- dental, social and medical histories (e.g. past or current medical conditions, current medication, the name of your GP);
- results of the examination of your mouth and oral health, including x-rays and clinical photographs;
- information about appointments;
- any treatments and their costs;
- Payment details;
- any proposed care, including advice we give to you and referrals you might need;
- any concerns you or your dental team might have;
- details of your consent for specific procedures;
- correspondence with other healthcare workers that relates to your care.
How is My Personal Information Processed?
Processing of Personal Information
To provide you with appropriate care, we process your personal data for the following purposes:
Your care – we keep patient records to allow us to provide appropriate dental treatment and care;
Practice Administration – we will use your contact information to let you know when your next appointment is due and we will also send reminders about any appointments that you have booked.
Sharing Relevant Information
To provide you with appropriate care, we might need to share your personal data with:
- another dentist or health professional who is caring for you;
- your GP;
- a laboratory;
- NHS payment authorities;
- the Inland Revenue;
- the Benefits Agency, if you are claiming exemption or remission from NHS charges;
- a private dental scheme, if you are a member.
In these cases, only the minimum information required will be shared. Rarely, the law requires us to pass on information to prevent serious crime or injury. Where possible, we will inform you of requests to share personal information.
Storage and Retention of Personal Information
We keep patient records for adult patients for a minimum of 11 years and for child patients for either 11 years or until the child is 25 years of age, whichever is longer.
We will not keep records for longer than necessary and after they are no longer required, records will be shredded or removed from the database.
Personal information is stored on a secure password-protected practice computer system and a manual filing system; only authorised practice staff have access to these systems. Back-ups of these data are made regularly throughout the working day.
Your Right to Access Personal Information
You have the right, under GDPR, to request a copy of the information held on you by our Practice. If you would like to make a request, please ask at reception or send your request in writing to the StormDental at the address below:
167 Main Street
We do not charge a fee for this information, unless we deem the request to be excessive, and will respond to your request within one month of its receipt. If we refuse your request, we will tell you reasons for this. You have the right to appeal to the Information Commissioner’s Office in this situation (see below for contact details).
You have the right to request correction of your information where there is an inaccuracy, request that we erase your information, object to the processing of your information or ask for the processing to be restricted. You also have the right to request the transfer of your personal information to another party, such as another dental practice. If you have concerns about the way we handle your personal information, you have the right to complain to the Information Commissioner’s Office (see below for contact details).
If you have a query or would like more information, please contact our receptionist on 01294 218733 or write to the Practice Manager at the address above.
Information Commissioner’s Office
Cheshire SK9 5AF
Tel.: 0303 123 1113