Dental Tribune United Kingdom Edition No. 5, 2015

17Dental Tribune United Kingdom Edition | 5/2015 TRENDS&APPLICATIONS At the heart of the relationship between a dentist and a patient lies trust and respect. Unless you have been hiding under a rock, I am sure you have heard of the Data Pro- tection Act (DPA) 1998 and patient confidentiality, both of which exist to support these relationships. Recent events, such as the Sony or, more currently, the Ashley Madison breach, have brought to public awareness the importance of se- curing one’s data. Datasecurityandgovernanceisa verytrickyarea.Imustmakeitclear I am not a lawyer, and practices should make their own decisions aboutspecificaspectsofCareQual- ityCommission(CQC)compliance. Iamahighlyexperiencedinforma- tion technology professional with a good understanding of data pro- tection and other relevant legisla- tion. All interpretations provided here are my own. Even if a dental practice has not embraced the digital age and all records and correspondence are ink and paper based, the practice still has a number of responsibili- tiesregardingdatasecurity.Asden- tal practices collect patient details, they must register with the In- formation Commissioner’s Office (ICO). Dental records must be stored safely and securely for a number of years (up to six years for the National Health Service; NHS) and kept for a maximum of 30 years (Department of Health). Aside from the General Dental Council, NHS and CQC governing bodies in the UK, there are a num- ber of legislative acts, the DPA being the most well known, that require dental record storage, such as the Consumer Protection Act 1987, un- der which an action could arise for a defective product (such as im- plants), the Medical Devices Direc- tive (Council Directive 93/42/EEC), which relates to custom-made de- vices (such as retainers or aligners), aswellastheMedicinesAct1968and theMisuseofDrugsRegulations2001. Records must also be disposed of in apolicedmannertoavoidfines. Whataboutdentalpracticeswho have embraced digital? Data is accessed in two situations, storage and movement, the same as phy- sical records are. This also means that there are the two situations in which data can be compromised in the digital world. Dental practices have an obligation to ensure pa- tient data is backed up, recoverable (in case of disasters), secure and protected.Thisappliesduringboth storage and movement. If you are using one of the popular industry patient management systems, such as EXACT (Software of Excel- lence), it should have features to support this in place; liaise with your account manager to verify this. The next area of concern then is movement of data. This can be via e-mail,onlinereferraltoolsorportals, feedback platforms or devices, and your website. E-mail is not a secure medium, and communication with patientsabouttheirmedicalhistory ormedicalcircumstancesusingthis platformraisespotentialissues.The service provider you use for your e-mail could also be inadvertently making you breach data security rules. For example, if you are using one of the popular US-based organ- isations for e-mail, such as AOL, Hotmail and Gmail, and liaise with your patients via this e-mail plat- form, you have to consider where the e-mails are being stored; most likelyonserversoutsidetheUK. The DPA states that “personal data shall not be transferred to a country or territory outside the EEA [European Economic Area] unless that country or territory ensures an adequate level of pro- tectionfortherightsandfreedoms of data subjects in relation to the processing of personal data”. As a dental practice, you should recon- sider if you are using a commercial e-mail provider to liaise with your patients, and determine whether yourwebsitecommunicationtools andfeedbackportalsarecompliant and if not ensure your designated data policy controller addresses this as a priority. The ICO can issue monetary penalty notices, requiring organi- sations to pay up to £500,000 for serious breaches of the DPA occur- ring on or after 6 April 2010. If you havereservations,thereareanum- berofsolutionstoprotectpractices from these risks. Clients at Dental Focus expect us to take care of online compliance and provide guidance on keeping up to date and resolving these issues. Make sure your data is secured and protected before it is too late. Data security: How not to become the next Ashley Madison By Naz Haque,UK Naz Haque, aka the Scientist, is OperationsMan- ager at Dental Focus. He has a background in mobile and net- work computing, and has experi- ence supporting a wide range of blue-chip brands, from Apple to Xerox. As an expert in search engine optimisation, Naz is passionate about helping clients develop strategies to enhance their brand and increase the return on investment from their dental practice websites.He can be contacted at naz@dentalfocus.com. 7-10 September 2016 Poznan, Annual World Dental Congress Poland Face the world with a smile! AD DTUK0515_17_Haque 15.10.15 12:05 Seite 1 DTUK0515_17_Haque 15.10.1512:05 Seite 1

Pages Overview

• Page 1
• Page 2
• Page 3
• Page 4
• Page 5
• Page 6
• Page 7
• Page 8
• Page 9
• Page 10
• Page 11
• Page 12
• Page 13
• Page 14
• Page 15
• Page 16
• Page 17
• Page 18
• Page 19
• Page 20
• Page 21
• Page 22
• Page 23
• Page 24