1.The information collected and used
If you use this website, you are in control of what information is collected, but if you choose not to share your information, you may not be able to access or use some areas of this website.
1a.How information is collected
This information may be collected, stored and used when you use this website and when you call the Advertiser.
1b.What information is collected
The information collected and held may include but is not limited to:
- information about your computer and about your visits to, and use of, the website (including your IP address, approximate geographical location, browser type, referral source, length of visit and number of page views);
- if you call the Advertiser, your phone and/or mobile phone number and the time, date and day of the week and length of your call; and
- any other information you may provide to the provider of this site.
1c.Using cookies or other on-device storage
2.How information collected is used
2a.When you use this website
2b.Customisation of this website and advert targeting
The information collected when you use this website may be used to build up a picture of your interests. This information may be used to try to make sure that when you visit or use the website, you don’t miss offers and information that might interest you. This is called advert targeting.
2c.Tracking how the website is used
Information may be collected about activity on the website, or other organisations may be used to collect it and to share it. This information is used to:
- analyse statistics;
- track pages and paths used by visitors to, or users of, the website;
- target the adverts or offers, such as banners, on the website and on the websites of other organisations; and
- track the use of the internet banner adverts and other links from marketing partners’ websites to this website.
2d.Analysing call volumes
If you call the Advertiser using the number featured on the website, we may record your phone number, the time, date, day of the week and length of the call and certain details about whether the call was answered or not. This information will be shared with the Advertiser and used to analyse the effectiveness of the website.
3.Disclosure of your information
Your information may be passed to one or more of the following organisations:
- the Advertiser;
- data processing companies, mailing houses and other third party suppliers; and
- government and enforcement agencies and the police.
Occasionally, this may involve sending your information outside the European Economic Area.
Every now and again, requests are received for information from government departments, the police and other enforcement agencies. If this happens, and there is a proper legal basis for providing your information, it will be provided to the organisation asking for it.
4.Where your information is processed
When your information is used as described in section 2 – How information collected is used, this may occasionally involve sending your information outside the European Economic Area (EEA). Where this is done, appropriate steps are taken to protect your information. By using this website, you agree that your information may be transferred, stored and processed outside the EEA.
5.How your information is kept secure
The security of information is taken very seriously. Technology and security policies are in place to protect the information held.
Freedom of Information Access to Information Held by The Practice
The practice may be asked by members of the public to disclose information, documents or records held by the practice. Requests for personal information are made under the Data Protection Act and for information about the NHS services provided by the practice are made under the Freedom of Information Act; such requests may be legitimate.
All requests for access to personal information or information about the practice (where this information is not readily available in the practice information leaflet) should be passed to Data Protection officer: firstname.lastname@example.org
The following summary describes who can request information, how the request should be made and how the practice will handle such requests.
Requests for Personal Information
Personal information is any information, note or record from which an individual can be identified. The individual does not have to be named but if they can be identified by cross-referencing the information with other data held by the practice (a patient database, for example) the information is regarded as personal information.
The Data Protection Act allows individuals to request access to personal information about themselves. Those eligible to request access include:
- Any person aged 16 years or older
- A child under the age of 16 years who, in the considered opinion of the Practice Manager and/or the treating dentist, has the capacity to understand the information held by the practice.
- The parents or guardians of a child under the age of 16 years unless the child, in the considered opinion of the Practice Manager and/or the treating dentist, has the capacity to understand the information held by the practice. Children aged 11 years and under are too young to comprehend. The request should be for reasons connected to the health and welfare needs of the child and not in the interests of the parent, for example as part of divorce proceedings or separation disputes.
- A third party, such as a solicitor, who has the written consent of the person covered in the record. Checks must be undertaken to ensure that the consent is genuine – for example, by checking the patient’s signature or contacting the patient directly to confirm that they have given consent for the information to be disclosed.
If a request for information concerns a deceased person, the information can be accessed by:
- The administrator or executor of the deceased person’s estate.
- A person who has a legal claim arising from the person’s death – the next of kin, for example. The person should specify the nature of their legal claim and why the information requested is relevant to that claim.
Access to information can be denied if:
- Disclosure is likely to cause severe distress to the individual, for example, where the information relates to a person’s mental health or mental capacity. However, the disclosure of dental records is unlikely to cause severe distress.
- The individual has made more than one request within a reasonably short timescale and the information has not changed significantly.
- Providing the information requested would require a disproportionate effort. Proportionality depends on the difficulty, time and cost involved with complying with the request, the size of the practice and resources available, and the effect on the individual of not providing the information requested.
A request can be made in writing (including by email) and the individual making the request should:
- Describe the type of information that they require with specific dates, if possible.
- Include, for example, their name, address, patient number to ensure correct identification.
You should be certain that the person asking for information has the right to request access to the records and, if necessary, ask them to provide proof of identity.
The requested information will be provided within 20 days of receiving the original request or confirming the individual’s identity. You must provide a copy of the information free of charge.
The Information Provided
Generally, the individual will be given a permanent copy of the information requested as a photocopy of information held manually or a print-out of electronic information. The information must be supplied in an intelligible form.
Requests for Information About The Practice
Any member of the public can request, under the Freedom of Information Act, information associated with the provision of NHS services. The available information is described fully in the practice guide to information available under FOIA and the model publication scheme which is located in the practice policy folder. Where the information requested is part of a larger document, only the relevant part will be disclosed.
Information that is exempt from disclosure under a FOIA request includes:
- Clinical records as they contain confidential personal information.
- Financial records as they may prejudice sensitive commercial interests.
The DPO will confirm whether or not requested information is covered by an exemption.
The request can be made in writing (including by email) and the individual making the request should:
- Describe the type of information that they require with specific dates, if possible
- Include their name and address.
The individual making the request does not have to give a reason.
Details of charges for information provided under the Freedom of information Act are included in the practice guide to Information available under FOIA and the model publication scheme
Information will be provided within 20 working days of the original request or confirmation of identity and from the receipt of the fee. An extension may be possible if more information about the request is needed or legal advice on whether an exemption applies is being taken. The person requesting the information must be told about any extension to the 20-working-day deadline.
The Information Provided
Much of the information covered by the Freedom of Information Act is published in the practice information leaflet or on the practice website. Requests for information that is not available in the practice information leaflet or on the practice website should be referred to the Practice Manager. If the practice does not hold the information requested, the applicant will be informed within the 20 working day time limit.
Information will be provided in a way that is convenient for the person who requested it. This may in writing, by allowing the applicant to read it on the premises, or, if the information is held electronically, in a useable electronic format.
The practice is not required to respond to vexatious requests for information, for example, requests designed to subject the practice or its staff to inconvenience, harassment or expense. If you feel that a request is vexatious, you should discuss it with the Practice Manager and Dr Zuber Bagasi the Practice Owner, who will decide how to handle the matter.
The practice is not required to respond to repeated requests for the same or similar information (unless the information changes regularly, for example performance or activity information). If you feel that a request is a repeated one, discuss it with the Practice Manager who will decide how to handle the matter.
This policy has been approved & authorised by:
|Name:||Dr Zuber Bagasi/ Charlotte Smith|
|Position:||Managing Director/Clinical Governance Lead|
|Review Date:||December 2023|
CCTV Policy for Patients
Synergy Dental Clinic have CCTV surveillance in place on the premises, they are not in the clinical areas. The system is owned by Synergy Dental Clinic and the HR Manager and Facilities Manager is responsible for the operation of the system. The CCTV system operates to meet the requirements of the Data Protection Act and the Information Commissioner’s guidance.
Signs are prominently placed at strategic points to inform staff, patients, visitors and members of the public, that a CCTV installation is in use.
Although every effort has been made to ensure maximum effectiveness of the system, it is not possible to guarantee that the system will detect every incident with occurs within the area of coverage.
Purpose of the CCTV system
The principal purposes of the CCTV system are as follows:
- for the prevention, reduction, detection and investigation of crime and other incidents.
- to ensure the safety of staff and visitors.
- to assist in the investigation of suspected breaches of Synergy regulations by staff and visitors.
Access to records
CCTV images form part of the patient record. Should a patient wish to review CCTV footage in relation to a specific incident they should put the request in writing to the Facilities Manager within 31 days of the specific incident occurring. The email address of the Facilities Manager is: email@example.com
Please note that only public areas of the practice (eg waiting room, entrance and exits) are currently covered by CCTV images.
This policy has been approved & authorised by:
|Name:||Craig Barnes/ Charlotte Smith|
|Position:||Facilities Manager/ Clinical Governance Lead|
|Date: Review Date:||27th June 2023 27th June 2024|