top of page

Privacy Policy

Why we have this Policy.

We recognize that we must maintain strict confidentiality of patient and staff personal information. This policy document sets out how we expect all members of the practice team to comply with these safeguards as part of their contract of employment or contract for services with the practice.


Confidentiality is important.

Patients have the right to privacy, and it is very important that they give the dentist full information on their state of health to ensure that treatment is carried out safely.  A relationship of trust must be present between the dentist, the staff, and the patient. This relationship is founded upon the understanding that any information revealed by the patient to the dentist will not be divulged without the patient’s consent. All staff within this practice also have the right to their personal information being kept confidential.


If confidentiality is breached, the dentist and all other members of the dental team face investigation and possible sanction by the General Dental Council. In serious cases this could result in erasure from the GDC Register. This may also result in legal action by the patient or staff member for damages and prosecution for breach of the 1998 Data Protection Act and the GDPR (2018)


CQC and Confidentiality


Confidential records are only accessed where it is necessary for inspection, and access must be proportionate (do not access more records than necessary and avoid particularly sensitive records unless there is an exceptional reason to access them). Remember, you may be committing a criminal offence if you disclose confidential personal information inappropriately.


Considerations are always given to privacy and access to equipment e.g., computer screens visible in reception, overheard conversations, surgery doors open to hear conversations or see x-rays, reports and paperwork not being left out.


General Dental Council

4.2 Protect the confidentiality of patients’ information and only use it for the purpose for which it was given.

4.3 Only release a patient’s information without their permission in exceptional circumstances.



What is personal information?

In a dental practice context, personal information about a patient or staff member includes:

  • Name, current and previous addresses

  • Bank account/credit card details and financial details

  • Telephone number/email address

  • Information that the individual is or has been a patient of the practice.

  • Failed attendance

  • Cost of treatment, the amount owing or whether the patient owes money to the practice.

  • Physical, mental, oral health or condition

  • Treatment planning details that are planned or have been provided.

  • Family members and personal circumstances supplied including ‘nick names’.


Principles of confidentiality   

Personal information about a patient or staff member shall always be:

  • Confidential in respect of that patient or staff member within this practice

  • Only disclosed to those who would be unable to provide effective care and treatment without that information (the need-to-know concept),

  • Not disclosed to third parties without the consent of the patient or staff member except in certain specific circumstances described in this policy.

  • Try to keep the person anonymous if it is not necessary for the person to be identified.

  • The duty to keep information confidential also covers originals and copies of the person’s photographs, video, or audio recordings, including those made on a mobile phone. No images recordings will be made without the person’s permission.


When can disclosures be made to third parties?

There are few circumstances in which a dentist may decide to disclose information to a third party or may be required to disclose by law.  Responsibility for disclosure rests with the patient’s dentist and under no circumstances can any other member of staff decide to disclose.  A summary of the circumstances is given below.


When disclosure is in the public interest

There are certain circumstances where the wider public interest outweighs the rights of the patient to confidentiality.  This might include cases where disclosure would prevent a serious future risk to the public or assist in the prevention or prosecution of serious crime.


Disclosure can be made where:

  • The patient or staff member has expressly given consent to the disclosure.

  • Disclosure is necessary for the purpose of enabling someone else to provide health care and the patient/ staff member has consented to this sharing of information.

  • Disclosure is required by statute or is ordered by a court of law.

  • Disclosure is necessary for a dentist to pursue a bona-fide legal claim against a patient/ staff member when disclosure to a solicitor, court or debt collecting agency may be necessary.


Disclosure of information necessary to provide care under the NHS

Information may need to be disclosed to third party organisations to ensure the provision of care and the proper functioning of the NHS. In practical terms this type of disclosure means:

  • Transmission of claims/information to payment authorities such as the DPD/SDPD/CSA)

  • Disclosure of information to the LAT/HB

  • Referral of the patient to another dentist or health care provider, e.g. a hospital or specialist.


Please note that the patient must consent to this and under most circumstances receive a copy of the referral letter.


Power of Attorney

A lasting power of attorney (LPA) is a legal document that lets you (the ‘donor’) appoint one or more people (known as ‘attorneys’) to help you make decisions or to make decisions on your behalf.

This gives a person more control over what happens to them if they have an accident or an illness and cannot make their own decisions (‘lack mental capacity’).

  • must be 18 or over and have mental capacity (the ability to make their own decisions) when making a LPA.

  • do not need to live in the UK or be a British citizen.

  • This guide is also available in Welsh (Cymraeg).


  • The Power of Attorney is activated as soon as it's registered.

There are 2 types of LPA:

  1. health and welfare

  2. property and financial affairs



Health and welfare lasting power of attorney

Use this LPA to give an attorney the power to make decisions about things such as:

  • daily routine, for example washing, dressing, eating.

  • medical care

  • moving into a care home

  • life-sustaining treatment

It can only be used when a person is unable to make their own decisions.


Data protection code of practice

Please see the practice Data Protection Code of Practice. This describes the required procedures to ensure that we comply with the 1998 Data Protection Act and GDPR 2018.  It is a condition of engagement that everyone at the practice complies with the code of practice and GDPR.

bottom of page