Data Protection Policy

Data Protection Policy

Data Protection Policy

For a downloadable version of this policy. Please click here.

  • This practice will ensure data is kept secured from unauthorised
  • There is no discussion of confidential, person identifiable information with, or disclosure to, a third party without explicit agreement of the Registered Manager.
  • Transfer of data between cooperating service providers is timely for patient care purposes, sufficient for service provision, restricted to relevant material, and safely transferred.
  • Office is compliant with the General Dental Council's publication, 'Standards of the Dental Team (2013)' and 'Principles of Confidentiality'. All team members are trained to know and follow these
  • There is advice on assessing a Patients mental capacity in the Mental Capacity Act 2005 - Codes of Practice.
  • The team is aware of their responsibilities regarding confidential data and will sign a written statement (contained in their contract of employment) about their responsibilities to maintain data protection at all
  • Information Governance Lead (may also be known as a Caldicott Guardian) will manage, audit and record observation of current practices and procedures when dealing with confidential

1.    Procedure

  • Treat information about patients as confidential and only use it for the purposes for which it is
  • Prevent information from being accidentally revealed and prevent unauthorised access by keeping information secure at all times.
  • In exceptional circumstances, it may be justified to make confidential Patient information known without consent if it is in the public interest, for example if requested by police.
  • Any breach of confidence will be reported to the relevant professional bodies to be investigated.
  • Limited Reasons for disclosure are:





  • With the written agreement of the Patient, for insurance purposes or when involved in a complaint
  • On referral to another Provider
  • In the wider Public Interest, involving serious risk to the public or serious crime
  • By Court Order, but only the minimum required to comply
  • No records will be left, or used in a manner, where other Patients or visitors can access or read them.
  • Suitable arrangements will be consistently in place for the safe destruction of confidential data.
  • Information must remain confidential, detailed below are some specific examples of when NOT to disclose:
    • Request from a school about the attendance of a child
    • Request from a parent (unless sure of being Legal Guardian) about the attendance of a child
    • Request from a solicitor for information, or someone acting on behalf of a third party
    • Request from a family member, even a spouse, about the attendance of a Patient, or to discuss treatment

The following procedures must be followed to ensure a confidential and secure environment is maintained:

  • There is a safe and private place for confidential discussions with a Patient
  • Telephone conversations with, or about, a Patient cannot be overheard in the public areas
  • All computers are password protected, and staff must `log out` when not sitting at a computer
  • No unencrypted portable device is used to transfer or store data
  • All postal contacts with Patients are in a plain sealed envelope

Patients have a right of access to their records. When requested copies must be produced within 40 days of receipt of a written request. A fee for this service may be charged, in line with Data Protection advice.

40 Berners Street

Ipswich, Suffolk

01473 258557

Call us today!

Opening Hours

Mon - Fri: 9:00 - 17:30