Data Protection

The Data of our Patients and our Team is important. We have included this page to reflect our commitment to providing you with transparency as regards our dealings with that Data, in accordance with our legal obligations. Our intention is that you Data is always Safe with us – to fulfil that intention our Policies, Notices and supporting Systems and Procedures are reviewed very regularly and thoroughly.

our policies

Our documents are as follows:

Data Protection

We have a Policy which recognises our legal obligations in respect to the collecting, holding, maintaining and accessing data for a lawful purpose and in a secure environment.

The Policy assures that such activities will keep the Data secure and only accessed for the proper purpose by the proper Users. The Data will not be retained for ever – only as long as required.

Data Subjects have Rights in respect to the collection and use (etc) of their Data – the Policy indicates how we will respect those Rights.

click here to read this policy

Data Security

We have a Policy which confirms the various activities we undertake in order to ensure the security of the personal Data of our Patients and our Team held by us.

Confidentiality obligations are reinforced in the terms of our Team’s individual contract, access is monitored to ensure it is only ‘need to know’. Content is kept up to date. Unneeded Data deleted securely. Our Caldicott Guardian oversees that all aspects of confidentiality are followed.

Security of Data stored physically and electronically (or removed) is the responsibility of our Senior Information Risk Officer.

Any breaches or incidents affecting Data are reported immediately to our Data Protection Officer and dealt with swiftly.

click here to read this policy

privacy notices

Our Privacy Notices provide a comprehensive statement to a Data Subject of what the Policies mentioned here means, when it comes to us having and using their Data.

It also reminds them of their Rights in respect to their Data. It also confirms how those Rights can be exercised and what we do in response to a request to do so.

The process available if you are not satisfied with our response is also set out

Even before someone becomes a Patient, or joins our Team, they are provided with a copy of the current Notice for their assurance and information.

click here for nhs patients

click here for private patients

our nhs data opt-out policy

Data Protection Impact Assessments (DPIA)

Our approach to Data Protection is just like having good oral hygiene – “prevention is better than cure”.

When we are considering implementing a new System or process which will change the way we process your Data we will undertake a DPIA.

That will allow us to identify whether the change creates any risks to the safety or security of your Data. Then we can either proceed with confidence, or ensure changes are made to avoid those risks (or maybe even not proceed with implementation and find a different approach.

click here to read our pda summary