This page contains a Flash digital edition of a book.
DENTAL RECORDS


Te ICO recommends that all dental practitioners implement a


retention policy. Tis can be a short document or schedule that lists when personal data should be destroyed, based on the questions and industry standards discussed above. Tose practices in the ICO survey that had policies in place and


followed them tended to destroy only manual or physical personal data. Most practices are now moving to electronic dental records but none of the respondents to the research disposed of electronic records or had the facility to do so. Retention periods apply to both manual and electronic records.


Inactive electronic records can be archived but they oſten remain intact and accessible at the push of a button. Te report concludes that the dental sector must begin to consider the importance of securely destroying electronic records at the end of their retention period. Tose practices without the technical capability to delete personal data due to system constraints should consult ICO guidance on how such information can be put “beyond use”.


Wider information governance landscape Te report also stresses the need for all organisations to keep up- to-date with changing technology in order to ensure information is secure. Some practitioners are failing to adapt effectively to the increasing use of mobile and personal devices within the workplace and the report highlights the importance of being alert to guidance and advice about using new technology securely.


SPRING 2016


Dental professionals busy running practices can struggle to


engage with more involved information governance issues. Tis is understandable as their focus is on delivering care to patients and it may not be possible to spend large amounts of time addressing complex information governance matters. Te ICO is pragmatic about the requirements of running small businesses and recognises the need for additional channels of communication regarding information governance. MDDUS can provide a number of checklists and practical


guidance to assist members in achieving compliance. Don’t forget also that our advisers are at the end of the phone and our website features a number of webinars in relation to subject access requests and data sharing to help you achieve compliance.


Some answers Now back to my initial questions. In 2016, new data protection legislation will introduce a structure for monetary fines set to be agreed at 4 per cent of gross profit. I don’t know what that would cost you but I’m sure your finance manager could give you a figure. As to the second question: how easy is it to commit a criminal


offence? Te answer is “very” – processing personal information without registering with the ICO is illegal!


n Alex Lyons is a senior information governance adviser at MDDUS


19


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24