The relationship between dentist and patient is based on the understanding that any information revealed by the patient will not be divulged without the patient’s consent. Only in exceptional circumstances (e.g. where a major crime is being investigated, or to comply with specific laws such as Road Traffic Acts or terrorism) are we allowed to divulge any information about patients without their specific consent.
Under the Freedom of Information Act 2002, we have a “publication scheme” where we are obliged to supply to any interested party any information we may hold on them. Under the Data Protection Acts 1984 and 1998 we are obliged to safeguard the holding of personal data of our patients.
This practice has adopted the following three principles of confidentiality:
- Personal information about a patient is confidential to those providing healthcare.
- It should only be provided to those who would be unable to provide effective care without that information (Need-to-know)
- Information should not be disclosed to third parties without consent of the patient except in the circumstances set out in the first paragraph.
What this means to you:
- Records should be kept secure and in a location that prevents other individuals from reading them.
- When talking to a patient on the telephone or in a public area care should be taken to ensure that sensitive information is not overheard by other patients.
- Details of names, addresses, telephone numbers, attendance or financial record, treatment histories or plans, medical history or information about other family members should not be divulged.
- Messages regarding patient care should not be left on answer machines. A message to call the practice is all that can be left.
- Discussions being conducted within hearing of any patient should be on strictly professional matters, never discussing a patient by name.
- Conversations on non-professional matters should be reserved for the staff room.
- Any member of staff who breaks these rules will be liable for summary dismissal.
- All data processed at this practice must remain confidential even if your employment has terminated. (it is an offence under the Data Protection Act 1998 to disclose such information)
You are required to make yourself familiar with and follow our Data Protection Policy Code of Practice, which sets out the way in which we require personal data to be treated in order to comply with the law.
Personal data is confidential and is held solely for the purpose of carrying out company business. Breach of our Data Protection Policy or Code of Practice may amount to misconduct and result in disciplinary action. Persistent breaches or a serious breach may result in your dismissal.
We will ensure that appropriate measures are adopted to guard against unauthorised and unlawful processing, or the accidental loss, destruction of or damage to data.
The subject of data protection is a complicated one. If you require guidance or assistance you should contact our Data Protection Officer who will be pleased to help you and answer any queries that you may have.