Dentists have a duty of care for their patients that extends beyond the procedures they carry out. They also need to ensure patients’ private and confidential data is handled sensitively. Since May 2018, that means complying with the EU’s General Data Protection Regulations.

In this post, we will look at what GDPR means for dentists and what, if any, steps you should take if you are concerned that you do not currently comply with this.

GDPR explained

GDPR was introduced to update and standardise data protection laws across the European Union, bringing the rules up to speed with the digital age.

It established the following key principles:

• That data should be processed fairly and lawfully
• That the data taken should not be stored for any longer than is necessary
• Any private data should be stored securely
• Data has to be collected for a legitimate reason
• Individuals should have the right to know what data is held and ask for this to be erased

The biggest change – that we have probably all noticed – is that people have to clearly ask for permission when taking data and have to be clear about what they intend to use it for.

GDPR for dentists

Dentistry was in a good position to comply with GDPR – and the vast majority of practices already had robust systems in place to sensitively collect, store, maintain, update and use private data. The General Dental Council’s Standards for the dental team states ‘maintain and protect patients’ information’ as one of its nine key principles.

In practice, the advent of GDPR means that dentists need to have explicit permission for any marketing communications or messages they wish to send to patients – and that patients must feel like they have control to select a level of communication they are happy with.

All dental practices providing NHS treatment are considered as public authorities and, under GDPR, these are required to appoint a Data Protection Officer (DPO). This person could be a new employee hired specifically for the role, an existing employee who takes on new responsibilities or a shared DPO with another practice.

Review GDPR activity to date

By now, every practice should be up to speed with the requirements of GDPR. They should have:

• Updated privacy notices to make it clear how data will collected, processed, stored and used
• Updated forms and procedures for collecting data that make the reason for the request clear
• Reviewed the process through which subject access requests can be made so that you can comply with requests from patients

If none of these has been done – or you are unsure if it was done to the correct standard – then it should be carried out as a matter of urgency to avoid breaking the law. It may now also be appropriate to review changes made in the immediate aftermath of May 2018 to ensure they are still relevant.

The key aspect to be aware of is that dentists must be as clear as possible with their patients when it comes to the data they hold and how they hold it. Provided they make this clear – and ask for explicit permission for use that goes beyond their care – then they will abide by GDPR to ensure they look after patient data as well as their oral health.

If you have any questions about looking after the data of your patients, contact DDS today.

Dentists need to make sure their patients are always up to speed with what is happening with their care. By doing so, they can avoid problems down the line – ensuring there are no gaps between a patient’s expectations and the reality.

All dentists are acutely aware of the importance of consent, but this post will add as a timely refresher of why it is important and how to obtain consent to avoid issues.

The importance of consent for dentists

When carrying out any form of care or treatment dentists require consent because:

• It is spelled in law that this is obtained before a dental practitioner is allowed to touch a patient
• It is needed in order to respect a patient’s right to ‘self determination’
• It makes life easier and allows you to mutually arrive at the right outcome
• Treatment is voluntary. Patients can, if they wish, withdraw from a treatment at any time and so it is vital that they are always happy with the course of action.

It is important to recognise that the Care Quality Commission will look at this. John Milne, Senior National Dental Adviser for the CQC, explained: “We review the practice’s systems and processes for obtaining consent. We may ask dental practitioners and other dental care professionals to describe how and why they ask for consent. We may look at an example of a dental care record to support what we are told.”

How to obtain consent

The consent of a patient must be ‘informed’ – that means that you must give them enough relevant information to ensure they are basing their decision on the available facts and aren’t just agreeing ‘because you told them to’.

When explaining a course of action, a dentist must:

• Explain the risks and benefits of the treatment in question in terms that could easily be understood by the patient
• Outline any possible alternative treatments and the pros and cons of these
• Explain the cost of each possible treatment
• Give the patient time to weigh up everything you have told them
• Keep a record of when and how consent is given, if necessary

Consent for dental treatment involving children

The issue of consent for treatment is complicated slightly when involving children. There are two factors here – their age and whether or not they are ‘competent’ to make a decision.

It is possible for children under the age of 16 to consent to their own treatment if they have the ‘intelligence, competence and understanding’ to be able to know what their treatment will involve. This is called being ‘Gillick competent’.

If an under-16 is not ‘Gillick competent’, then consent should be obtained from their parent or guardian.

If they are over 16 but still under 18, the patient can give consent – even though they are not an adult in the eyes of the law – and this cannot be overridden by their parents. This is a matter than can – and has been – challenged by the courts, so requires caution where there might be a dispute between both parties.

Consent and mental health

Dentists also have to bear in mind whether or not an adult has the mental capacity to give their consent.

The Mental Capacity Act 2005 sets out a two-stage process for identifying this. Firstly, this involves being aware of any conditions that might well impact on the patient’s ability to consent (eg dementia).

Secondly, you need to determine if the patient can:

• Understand the information you give to them about their treatment
• Retain and remember this information
• Come to a decision based on the information presented to them
• Adequately relay a decision to you

If you have any queries over consent, we would be happy to talk to you. Get in touch today.

The standards that dentists need to set, achieve and maintain for themselves are spelled out clearly by the General Dental Council. We are keen to help and support dentists in their quest to keep up their high professional standards – and this post offers a quick refresher of the expectations laid out by the GDC in ‘Standards for the Dental Team’.

Standards for the Dental Team

The GDC’s Standards for the Dental Team applies to people in the following seven roles:

• Dentists
• Dental hygienists
• Dental nurses
• Dental therapists
• Dental technicians
• Clinical dental technicians
• Orthodontic therapists

Each of these people is expected to abide by the nine key principles set out by the Standards.

These are:

1. Put patients’ interests first
2. Communicate effectively with patients
3. Obtain valid consent
4. Maintain and protect patients’ information
5. Have a clear and effective complaints procedure
6. Work with colleagues in a way that is in patients’ best interests
7. Maintain, develop and work within your professional knowledge and skills
8. Raise concerns if patients are at risk
9. Make sure your personal behaviour maintains patients’ confidence in you and the dental profession

Let’s explore each of these in a little more detail to look at what they mean in practice.

Put patients’ interests first

Putting the interests of patients first means listening to what they have to say, taking into account their concerns and preferences and acting with honesty, respect and integrity at all times. It also means reflecting the culture and values of the individuals in your care as a dentist, making reasonable adjustments for people with disabilities too. It also means providing a safe and clean environment for treatments – and putting the needs of patients before financial considerations.

Communicate effectively with patients

This standard outlines that patients need a full and clear explanation of their treatment plan – before, during and after any procedures are carried out – so they are fully aware of the care they are receiving. They should also understand the cost implications of the work they are receiving.

Obtain valid consent

After you have communicated the care you intend to provide to a patient it is vital to obtain their permission to carry this out. (Check out our full guide to patient consent here)

Maintain and protect patients’ information

The records of patients need to be safely stored and kept confidential. They also need to be up to date, clear and accessible.

Have a clear and effective complaints procedure

Patients need to be able to expect that their complaints will be handled properly – and that they will be listened to if they raise any issues regarding the care that they have received. As a DDO set up by dentists for dentists, DDS is able to work closely with you to ensure that this is the case.

Work with colleagues in a way that is in patients’ best interests

This outlines the importance of working together as a dental team – and for each member of the dental team to know their role and where they fit in the team.

Maintain, develop and work within your professional knowledge and skills

Dentists need to be trained and qualified and to regularly refresh their skills and knowledge of the latest laws and working practices.

Raise concerns if patients are at risk

Dentists have a duty to raise any concerns they might have over – a fellow member of the team, the environment they are working in or the welfare of a vulnerable patient.

Make sure your personal behaviour maintains patients’ confidence in you and the dental profession

Dentists also need to behave in a way that gives patients trust and confidence both in you as a professional and in dentistry as a profession. This needs to be done by maintaining professional behaviour at all times.

To download the full ebook – and for more details of Standards for the Dental Team – visit the GDC’s website.

If any dentist has any questions or queries about how to abide by the standards, get in touch with DDS today and we would be happy to help.