Dentists and data protection

Dentists and data protection

Dentists protect our oral health, but they must also protect our personal data by law, i.e. dentists must comply with data protection regulations.

The General Council of Dentists of Spain, through its President, has reminded the community it represents of the importance of obtaining the express consent of patients for the processing of their data in the legally established cases, as well as being able to demonstrate compliance with legal obligations in accordance with the proactive responsibility indicated in the Data Protection Regulations.

Failure to do so, says the Chairman of the Council, could seriously damage the confidence of dental professionals.

Thus, any practice that jeopardizes the privacy of patients or the integrity of the profession should be avoided.

Why should dentists comply with data protection?

In principle, any personal data must be protected by the data controller or processor.

However, if we are dealing with health-related data, this protection obligation is reinforced.

Article 4 paragraph 15 of the GDPR defines health-related data and Article 9 of the GDPR classifies health data as special category data, which in principle, unless one of the conditions set out in the law is met, may not be processed. conditions set forth in the law are met, their processing is prohibited.

One of the exceptions to this prohibition on the processing of health data, according to Article 9.3 of the GDPR, is that the processing is carried out by a professional subject to the obligation of professional secrecy, which would be in line with dental professionals, as established in the Spanish Code of Ethics and Dental Deontology.

However, it is necessary to differentiate the processing of data for the purposes necessary to provide the aforementioned dental service, from any processing other than that related to the patient’s health, for example, if you want to send advertising to the patient we would be facing a different purpose and therefore must be accompanied by obtaining the express consent of the patient for such treatment and also use a means to prove that consent has been obtained in a transparent, informed and free manner.

In any case, it is the dentists’ obligation to inform the patient about data protection (art. 13 of the RGPD) and, as established in art. 5.2 of the RGPD, to inform about the purpose or purposes of the processing, data storage periods, possible transfers, patients’ rights and how to exercise them, as well as how to contact the Data Protection Officer(DPD), if the dentist is legally obliged to designate one.

The method most commonly used by dental professionals to comply with the above is to ask the patient to sign an “informed consent” regarding data protection.

Administrative consequences of data protection non-compliance

As with everything else, failure to comply with a legal obligation generates consequences, and in this case, the imposition of sanctions.

According to art. 72.1 e) of the LOPDGDD, violating art. 9 of the RGPD and 9 of the LOPDGDD is considered a very serious infringement.

A serious infringement carries an equally serious sanction, such as that set forth in Art. 83.5 of the GDPR, consisting of an administrative fine of up to EUR 20,000,000 or, in the case of a company, an amount equivalent to a maximum of 4% of the total annual aggregate turnover of the previous financial year, whichever is higher.

Ethical consequences of data protection breaches

The ethical consequences of non-compliance with data protection regulations are mainly the loss of confidence in the dental profession, as well as the reputation of the clinics where the violation of the regulations has occurred.

These consequences are very important at a social level, since trust and respect are the basis of any relationship, whether in our most intimate circles or in our professional and business circles.

Breaking the patient’s or client’s trust may imply a present and future loss for the person responsible for the treatment.

Business Adapter® at the service of your Dental Clinic

If you have a Dental Clinic and you need help to comply with the Data Protection Regulation, contact us by email: info@businessadapter.es, you can also call 96 131 88 04, or leave your message in this form:

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!