Privacy Policy

Patient Privacy and Confidentiality

The practice is committed to complying with the requirements of the legislation governing patient confidentiality including: Access to Health Records 1990, Caldicott Guidelines 1997, Confidentiality Code of Practice 1998, Data Protection Act 2018 and the GDC Standards for Dental Professionals 2005 on Principles of Patient Confidentiality. For the purpose of this policy confidential information is defined as personal information provided by an individual in confidence including, but not limited to, such details as name, age, address, personal circumstances, race, health, sexuality, etc. Note that even the fact that a patient attends the practice is confidential. This information may be supplied or stored on any medium and includes images, videos, health records, computer records or verbally.

All staff members are aware of their responsibilities for safeguarding patient confidentiality and keeping information secure and have received appropriate training on the legislation requirements to ensure that:

  • No personal information given or received in confidence is passed on to anyone else without the prior consent of the information provider
  • No personal information given or received in confidence for one purpose is used for another purpose without the prior consent of the information provider
  • Patients are entitled to object to the use of their confidential information for any other purpose than their care
  • The duty of confidentiality to deceased patients is treated in the same way as that of living patients
  • The rules of disclosure are strictly followed every time information is passed on to another person or organisation.


Personal information is only disclosed to another person or organisation when:

  1. The patient consent has been obtained
  2. The disclosure is in the patient’s best interest (referral)
  3. The information recipient falls under the category of ‘needs to know basis’ and is directly involved in patient care or the use is justified for the purposes described in the list of circumstances in the ‘Disclosure on a need to know basis’ section
  4. Disclosure is required by a court or a court order
  5. Disclosure is required by law
  6. Information is requested by the police in order to detect or prevent serious crime


The practice treats breaches of confidentiality very seriously. No team member shall knowingly misuse any confidential information or allow others to do so. Non-compliance with this policy may result in a disciplinary action.

Dr Shaimil Patel and Shyam Shastri are the Data controllers, Caldicott Guardian and Senior Risk Information Officers responsible for keeping secure the information about you that we hold. Out Data Protection Officer is Alison Frater.