THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
- Dental Practice Covered by this Notice
This Notice describes the privacy practices of Beeches Dental surgery. “We” and “our” means the Dental Practice. “You” and “your” means our patient.
- How to Contact Us/Our Privacy Official
If you have any questions or would like further information about this Notice, you can contact Beeches dental surgery’s Privacy Official at:
Maria or Ioanna Sergides
9 Beeches Avenue
- Our Promise to You and Our Legal Obligations
The privacy of your health information is important to us. We understand that your health information is personal and we are committed to protecting it. This Notice describes how we may use and disclose your protected health information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. Protected health information is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services.
We are required by law to:
- Maintain the privacy of your protected health information;
- Give you this Notice of our legal duties and privacy practices with respect to that information; and
- Abide by the terms of our Notice that is currently in effect.
What personal data do we hold? To provide you with a high standard of dental care and attention we need to hold personal information about you. This personal data includes:
- Your past and current medical and dental condition; personal details such as your age, address, telephone number and your general dental practitioner
- Radiographs, clinical photographs, study models
- Information about the treatment that we have provided or propose to provide and its cost
- Notes of conversations/ incidents about your care, for which a record needs to be kept
- Record of consent to treatment
- Correspondence relating to you with other healthcare professionals, for example with the hospital
- How We May Use or Disclose Your Health Information
The following examples describe different ways we may use or disclose your health information. These examples are not meant to be exhaustive. We are permitted by law to use and disclose your health information for the following purposes:
Common Uses and Disclosures
Treatment. We may use your health information to provide you with dental treatment or services, such as cleaning or examining your teeth or performing dental procedures. We may disclose health information about you to dental specialists, physicians, or other health care professionals involved in your care.
Payment. We may use and disclose your health information to obtain payment from health plans and insurers for the care that we provide to you.
Health Care Operations. We may use and disclose health information about you in connection with health care operations necessary to run our practice, including review of our treatment and services, training, evaluating the performance of our staff and health care professionals, quality assurance, financial or billing audits, legal matters, and business planning and development.
Appointment Reminders. We may use or disclose your health information when contacting you to remind you of a dental appointment. We may contact you by using a postcard, letter, phone call, voice message, text or email.
Treatment Alternatives and Health-Related Benefits and Services. We may use and disclose your health information to tell you about treatment options or alternatives or health-related benefits and services that may be of interest to you.
Disclosure to Family Members and Friends. We may disclose your health information to a family member or friend who is involved with your care or payment for your care, if you do not object or if you are not present & we believe it is in your best interest to do so.
Disclosure to third party providers i.e. Laboratory’s or hospitals. We may disclose your protected health information to our third-party service providers that perform functions on our behalf or provide us with services if the information is necessary for such functions or services. For example, we may use a third party to assist us in maintaining our practice management software. All of our business associates are obligated, under contract with us, to protect the privacy of your information and are not allowed to use or disclose any information other than as specified in our contract. We will never pass on your personal data for marketing purpose.
When passing on any personal data to agreed third party’s we shall use recorded post for paper copies or encrypted E-mails.
Victims of Abuse, Neglect or Domestic Violence. We may disclose health information to the appropriate government authority about a patient whom we believe is a victim of abuse, neglect or domestic violence.
Your Rights with Respect to Your Health Information
Right to a Paper Copy of this Notice. You have the right to a paper copy of this Notice. You may ask us to give you a paper copy of the Notice at any time (even if you have agreed to receive the Notice electronically). To obtain a paper copy, ask the Privacy Official.
Right to Receive Notification of a Security Breach. We are required by law to notify you if the privacy or security of your health information has been breached.
The breach notification will contain the following information: (1) a brief description of what happened, including the date of the breach and the date of the discovery of the breach; (2) a brief description of what we are doing to investigate the breach, mitigate losses, and to protect against further breaches.
Our Right to Change Our Privacy Practices and This Notice
We reserve the right to change the terms of this Notice at any time. Any change will apply to the health information we have about you or create or receive in the future. We will promptly revise the Notice when there is a material change to the uses or disclosures, individual’s rights, our legal duties, or other privacy practices discussed in this Notice. We will post the revised Notice on our website (if applicable) and in our office and will provide a copy of it to you on request. The effective date of this Notice is 25.01.2018
Individuals have the right to access their personal data. Under the GDPR, individuals will have the right to obtain:
confirmation that their data is being processed;
access to their personal data; and
other supplementary information – this largely corresponds to the information that should be provided in a privacy notice
The right to amend or rectify your data. Individuals are entitled to have personal data rectified if it is inaccurate or incomplete.
If you believe that your health information is incorrect or incomplete, you may request that we amend it. We may deny your request under certain circumstances. You will receive written notice of a denial and can file a statement of disagreement that will be included with your health information that you believe is incorrect or incomplete. We shall respond within a 1 month period. This can be extended to 2 months if the request is complex.
If we have disclosed the personal data in question to third parties, we must inform them of the rectification where possible. We must also inform the individuals about the third parties to whom the data has been disclosed where appropriate.
Where we are not taking action in response to a request for rectification, we will explain why to the individual.
Individuals have a right to have personal data erased or restricted. To prevent processing in specific circumstances:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (ie otherwise in breach of the GDPR).
- The personal data has to be erased in order to comply with a legal obligation.
- The personal data is processed in relation to the offer of information society services to a child.
- Where an individual contests the accuracy of the personal data, you should restrict the processing until you have verified the accuracy of the personal data.
The right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services.
It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. You have the right to obtain your records. You have a right to ask for a copy of your records. This would include disclosures to carry out treatment, payment, radiographs and information on your health care.
If you do not agree. If you do not wish personal data that we hold about you to be disclosed or used in the way that is described in this Code of Practice please discuss the matter with your dentist. You have the right to object, but this may affect our ability to provide you with dental care.
How to Make Privacy Complaints
If you have any complaints about your privacy rights or how your health information has been used or disclosed, you may file a complaint with us by contacting our Privacy Official listed on the first page of this Notice.