Fox Lane Dental Care is committed to protecting your privacy and complying with all aspects of the General Data Protection Regulations (effective from 25thMay 2018). When contacting us, you may be asked to provide information by which you can be identified, but you it will only be used in accordance with this privacy statement and the GDPR.
The information we collect from you:
- First name
- Last name
- Previous names
- Date of Birth
- Telephone numbers
- Mobile telephone number
- Post Code
- National Insurance Number
Special (sensitive) Information
- State Benefits status
- Dental Insurance status
- Email address
- GP name and address
- Medical History and any medication prescribed
- Dental history
What we do with the information we gather:
We use your information to understand your needs, provide you with personal dental health care services, and to keep our records up to date and accurate. From time to time we may also use your data or pass your data on to 3rdparties such as laboratories, specialists, the NHS BSA to contact you by email or phone, for the purposes of your care, our remuneration or for satisfaction survey and NHS service regulation purposes. This will always be provided in compliance with the regulations and with your ongoing consent.
Your Data Security
To ensure your details remain secure and to prevent unauthorised access or disclosure, we have procedures in place to protect the information we collect online and in the practice.. We will not sell distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. Our staff receives constant training in dealing safely and confidentially with your data.
You may choose to restrict the collection or use of your personal information in the following ways:
- We may use your personal information to carry out the health care that we offer you, but only if you tell us you wish this to happen. You may change your mind at any time by writing to us or sending an email to firstname.lastname@example.org
- If you have previously agreed to us using your personal information for any of the reasons stated above, you may change your mind at any time by writing to us or sending an email to email@example.com
- You have the right to view, restrict, correct, delete and alter your data that we collect.
EU General Data Protection Regulation
Under GDPR (effective from 25thMay 2018) we will ensure that your personal information we hold about you will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely
- Always used with your ongoing consent
We also will always inform you of your rights to your data under the GDPR.
The practice aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the information Commissioner’s website as well as our professional guidelines and requirements.
The Data Controller is Dr Kyri Falekkos.
This Privacy Notice is also available at reception, in printed form and by email if you contact firstname.lastname@example.org or by calling 02088860325.
The categories of data we process are:
• Personal data for the purposes of providing you with dental health care
• Special category data including health records for the purposes of the delivery of health care
• Special category data including health records and details of criminal record checks for managing employees and contracted team members
• Personal data for the purposes of staff and self-employed team member management
We never pass your personal details to a third party unless we have a contract for them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a patient to another practitioner or to a secondary care such as a hospital we will gain the individual’s permission before the referral is made and the personal data is shared.
• Personal data is stored in digital or hard copy.
• Personal data is obtained when a patient joins the practice, when a patient is referred to the practice.
The lawful basis for processing special category data such as patients’ and employees’ health data is:
• Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional
The lawful basis of processing personal data such as name, address, email or phone number is:
• Consent of the data subject
• Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
The retention period for special data in patient records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements. The retention period for staff records is 6 years. The retention periods for other personal data is 2 years after it was last processed. Details of other retention periods are available in the Record Retention policy procedure available from the practice.
You have the following personal data rights:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure (clinical records must be retained for a certain time period by law)
• The right to restrict processing
• The right to data portability
• The right to object
Further details of these rights can be seen at the Information Commissioner’s website . Here are some practical examples of your rights:
• If you are a patient of the practice you have the right to withdraw consent for important notifications, newsletters, surveys or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or text. You have the right to obtain a free copy of your patient records within one month.
• If you are not a patient of the practice you have the right to withdraw consent for processing personal data, to have a free copy of it within one month, to correct errors in it or to ask us to delete it. You can also withdraw consent from communication methods such as telephone, email or text message.
Comments, suggestions and complaints
Please contact Dr Kyri Falekkos by writing to:
Fox Lane Dental Care, 12 Fox Lane, London, N13 4AH.
We take complaints very seriously.
If you are unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO). Their telephone number is 0303 123 1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who’s misused personal data . You can also visit their website for information on how to make a data protection complaint.