The Data Protection Act (DPA) makes provisions for regulating the processing of information about living individuals, including obtaining, recording, holding, using, disclosing, adapting, organising, retrieving and destroying information. The DPA recognises the rights of an individual to be told what information is being processed about them and to have copies disclosed.
The DPA is based on 8 data protection principles, which can be summarised as follows.
The information:
- Must be processed fairly and lawfully;
- Shall only be obtained and used for one or more specified purposes and shall not be excessive to that purpose;
- Shall be accurate and kept up to date;
- Shall not be kept for longer than necessary;
- Shall only be processed in accordance with the data subject's rights; and
- Shall be kept safe and secure and not transferred beyond the European Economic Area, except to countries with a similar level of data protection.
Personal data is defined as information which relates to a living individual, who can be identified from the data either alone or in conjunction with other information held by the data controller.
Dental records are likely to fall within the definition of sensitive personal data under the terms of the DPA. The processing of sensitive personal data must comply with specific conditions set out in Schedule 3 of the Act. If you have explicit consent from the patient to hold and process their data the conditions of Schedule 3 will be met.
Further information on your data protection obligations is available from the Information Commissioner's Office.

How do I know if the patient has provided consent?

A patient in receipt of NHS care must complete form HSC 45 and, in doing so, would authorise disclosure of their records to the HSC Board for the purposes listed below. Where no HSC 45 exists (perhaps lost or missing), then the onus would be on the practice to obtain consent from the patient, or to justify disclosure. The DPA only applies to living subjects; however, disclosure of deceased patient records would not present a problem as consent would have been given as above.
The HSC Board is not entitled to see private treatment records, and private records should therefore be redacted.
Disclosure to the HSC Board of records which contain patient identifiable information may take place lawfully where:
- The HSC Board is investigating and ensuring the quality and provision of the standard of care provided, for example in response to a complaint made by or on behalf of the patient;
- The information is needed in relation to the management of dental services;
- The HSC Board considers that there is a serious risk to patient health or safety; and
- Investigations of suspected fraud or any other potential criminal activity take place.
If you have been asked to provide records and you are uncertain whether the patient has provided consent or whether the HSC Board requires the records for a lawful reason, always seek advice before disclosing the records. You should consult one of our dento-legal advisers if you are unsure.