Dublin Dental University Hospital Statement
Introduction
Dublin Dental University Hospital (“DDUH”) is a centre of excellence in the delivery of dental care to patients and the primary supplier of dental education in Ireland. In the course of its operations it collects and uses personal data about its patients, staff, students and other service users. Personal data, both automated and manual, is information relating to a living individual who is or can be identified, either from the data or from the data in conjunction with other information.
This information is used in the treatment of patients, the organisation and administration of courses, examinations, research activities, the recruitment and payment of staff, compliance with statutory obligations, etc. You have a right to access your personal records and may use either the Freedom of Information Act or the Data Protection Acts in order to access personal information held by public bodies like the DDUH. The Data Protection Acts confer rights on individuals as well as responsibilities on those persons collecting personal information and they apply to all holders of personal information, not just public bodies.
What is Information Governance?
In the DDUH we understand that the privacy and security of your information is very important to you and we aim to ensure the privacy of all information which you may provide to us. Good information governance means that personal details, financial information and all personal health information is handled securely, efficiently and legally in order to deliver the best possible care to the people who use our services. It also includes the sharing of relevant personal health information with selected members of staff where appropriate. Any personal information which you volunteer will be treated with the highest standards of security and confidentiality strictly in accordance with the Data Protection Acts. The DDUH is committed to protecting the rights and privacy of individuals in accordance with the provisions of these Acts.
Our Promise to Patients and other Service Users
At the DDUH we undertake to:
Obtain and process information fairly
You have a right to access your personal data and a right to rectify it if inaccurate or processed unfairly.
Keep it only for one or more specified, explicit and lawful purpose
You have a right to know the reason why we are collecting and retaining your data and that the reason for doing so is lawful.
Use and disclosure only in ways compatible with these purposes
We will not disclose your data to a third party unless you consent to that disclosure or unless we are required to do so by law.
Keep it safe and secure
The security of your records is very important to us and access to our computer systems is restricted and password protected. Access is by authorised staff only on a “need-to-know” basis.
Keep it accurate, complete and up-to-date
We operate procedures that ensure high levels of data accuracy, completeness and consistency. If your details change, please let us know.
Ensure it is adequate, relevant and not excessive
We ensure that personal information held by the DDUH is adequate, relevant and not excessive in relation to the purpose for which we sought it.
Retain for no longer than is necessary
We have a policy on retention periods for personal data.
Give a copy of a person’s personal data to them on request
We have procedures in place to ensure that patients and other service users can exercise these rights under the Data Protection legislation.
The DDUH follows best practice guidelines and procedures in relation to all aspects of Data Protection.