Privacy policy
We are a data controller under the terms of the Data Protection Act 2017 and the requirements of the EU General Data Protection Regulation. This Privacy Policy explains what personal data our practice holds, why we hold and process it, who we share it with, and your rights and freedoms under the law. To read and download our Data Security Policy for Melton Orthodontics, please use the buton below.
Types of personal Data
The practice holds personal data in the following categories:
- Patient clinical and health data and correspondence
- Staff employment data.
- Contractors’ data
Why we process Personal Data (what is the purpose)
‘Process’ means we obtain, store, update and archive data.
- Patient data is held for the purpose of providing patients with appropriate, high quality, safe and effective dental care treatment.
- Staff employment data is held in accordance with Employment, Taxation and Pensions Law.
What is the Lawful Basis for processing Personal Data?
The Law says we must tell you this:
- We hold patient’s data because it is in our Legitimate Interest to do so. Without holding the data we cannot work effectively.
- We hold staff employment data because it is a Legal Obligation for us to do so.
- We hold contractors’ data because it is needed to Fulfil a Contract with us.
Who might we share your data with?
We can only share data if it is done securely and it is necessary to do so.
- Patient data may be shared with other healthcare professionals who need to be involved in your care for example if we refer you to a specialist, or need laboratory work undertaken. Patient data may also be stored for back-up purposes with our computer software suppliers who may also store it securely.
- Employment data will be shared with government agencies such as HMRC and accountants.
Your Rights
You have the right to:
- Be informed about the personal data we hold and why we hold it.
- Access a copy of your data that we hold by contacting us directly: we will acknowledge your request and supply a response within one month or sooner.
- Check the information we hold about you is correct and to make corrections if not.
- Have your data erased in certain circumstances.
- Transfer your data to someone else if you tell us to do so and it is safe and legal to do so.
- Tell us not to actively process or update your data in certain circumstances.
How long is Personal Data stored for?
- We will store patient data for as long as we are providing care, treatment or recalling patients for further care. We will archive (that is, store it without further action) for as long as is required for legal purposes as recommended by trusted experts.
- We must store employment data for six years after an employee has left.
- We must store contractors’ data for seven years after the contract is ended.
How the NHS and care services use your information
Melton Orthodontics is one of many organisations working in the health and care system to improve care for patients and the public
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
- improving the quality and standards of care provided
- research into the development of new treatments
- preventing illness and diseases
- monitoring safety
- planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:
- See what is meant by confidential patient information
- Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
- Find out more about the benefits of sharing data
- Understand more about who uses the data
- Find out how your data is protected
- Be able to access the system to view, set or change your opt-out setting
- Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
- See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/(which covers health and care research); and https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
You can change your mind about your choice at any time.
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
Health and care organisations have until 2020 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Our organisation ‘is / is not currently’ compliant with the national data opt-out policy
What if you are not happy or wish to raise a concern about our data processing?
You can complain in the first instance to us our data controller officer Miranda Turner-Pope, and we will do our best to resolve the matter. If all else fails, you can complain to the Information Commissioner at www.ico.org.uk/concerns or by calling 0303 123 1113.