Compliance with this policy is a condition of employment of all our staff
At this practice, the need for the strict confidentiality of personal information is taken very seriously. This document sets out the policy for maintaining confidentiality and all members of the practice team must comply with these safeguards as part of their contract of employment/contract for the services with the practice. Matthew Calder is the Data Controller for the Practice and the Information Governance Lead.
The General Dental Council states:
All Staff must follow the General Dental Council’s rules for maintaining patient confidentiality.
‘The dentist/patient relationship is founded on trust and a dentist should not disclose to a third party information about a patient acquired in a professional capacity without the permission of the patient. To do so may lead to a charge of serious professional misconduct. A dentist should be aware that the duty of confidentiality extends to other members of the dental team. There may, however, be circumstances in which the public interest outweighs a dentist’s duty of confidentiality and in which disclosure would be justified. Communications with patients should not compromise confidentiality. In the interests of security and confidentiality, for example, it is advisable that all postal communications to patients are sent in sealed envelopes.’
What is Personal Information?
In a dental context, personal information held by a dentist about a patient includes:
- The patient’s name, current and previous address, bank account/credit card details, telephone number/e-mail address and other means of personal identification such as his/her physical description
- Information that the individual is or has been a patient of the practice or attended, cancelled or failed to attend an appointment on a certain day
- Information concerning the patient’s physical, mental or oral health or condition
- Information about the treatment that is planned, is being or has been provided
- Information about family members and personal circumstances supplied by the patient or others
- The amount that was paid for treatment, the amount owing or the fact that a patient is a debtor to the practice
Principles of Confidentiality
In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient.
Cwmbran Dental Care has adopted the following principles of confidentiality:
- Records should be kept secure and in a location that prevents other individuals accessing them
- Details of names, addresses, telephone numbers, attendance or financial records, treatment histories or plans, medical history or information about other family members should not be divulged
- When talking to a patient on the telephone or in a public area, care should be taken to ensure that sensitive information is not overheard by other patients
- Messages regarding patient care should not be left on answering machines. A message to call the practice is all that can be left
- Disclosure of appointment book information should not be made to third parties without first referring to Matthew Calder or Ruth Collis
- Discussions being conducted within hearing of any patient should be on strictly professional matter, never discussing a patient by name
- Conversations on non-professional matters should be reserved for the staff room
- Any member of staff who breaks these rules will be liable for summary dismissal
- Personal information about a patient is confidential in respect of that patient and to those providing the patient with health care
- Personal information should only be disclosed those who would be unable to provide effective care and treatment without that information (the need to know concept)
- Such information should not be disclosed to third parties without the consent of the patient except in certain specific circumstances described in this policy
- All data processed at this practice must remain confidential even if your employment has terminated (it is an offence under General Data protection Regulation (GDPR) and the Data Protection Act 1998, to disclose such information)
Disclosure to Third Parties
There are certain circumstances in which a dentist may decide to disclose information to a third party or may be required to disclose by law. Responsibility for the disclosure rests with the patient’s dentist and under no circumstances can any other member of staff make a decision to disclose. Where a decision has been made to disclose personal information, an attempt should be made to obtain the patient’s permission for the information to be released or where appropriate to encourage the patient to release the information themselves. Failing this, it is advisable to contact the BDA or your defence organisation before acting. A brief summary of the circumstances is given below.
When Disclosure can be made?
- Where expressly the patient has given consent to the disclosure
- Where disclosure is necessary for the purpose of enabling someone else to provide health care to the patient and the patient has consented to this sharing of information
- Where disclosure is necessary to safeguard the individual, or others, or is in the public interest
- Where disclosure is required by statute or is ordered by a court of law
- Where disclosure is necessary for the dentist to pursue a bonafide legal claim against a patient, when disclosure to a solicitor, court or debt collecting agency may be necessary
- HIW have the legal right to have access to our patient records but if possible these should be anonymised or an attempt to get consent should be made
Before releasing any confidential information in the public interest, you must be prepared to explain and justify the decision and any action taken. A Court Order can order patient information to be released without consent. In such circumstances, only the minimum information should be released to follow the order.
Disclosure of information necessary in order to provide care and for the functioning of the NHS
Information may need to be disclosed to third party organisations to ensure the provision of care and the proper functioning of the NHS. In practical terms, this type of disclosure occurs when a referral of the patient to another dentist or health care provider such as the hospital is made.
Disclosing Patient Information
If the patient consents to their information being disclosed:
- An explanation must be provided about the circumstances in which the information about them might be shared
- The patient must be provided with the opportunity to withhold permission for disclosure of the information
- The patient must understand what will be released, the reasons for releasing it and the likely consequences of releasing the information
- The person with whom the information is shared must understand that the information is confidential
