Confidentiality Policy
Confidentiality is an important ethical and legal duty but it is not absolute. Sirona Health Ltd may disclose personal information without breaching duties of confidentiality when any of the following circumstances applies:
a. The patient consents, whether implicitly or explicitly for the sake of their own care or for local clinical audit, or explicitly for other purposes.
b. The patient has given their explicit consent to disclosure for other purposes.
c. The disclosure is of overall benefit4 to a patient who lacks the capacity to consent.
d. The disclosure is required by law, or the disclosure is permitted or has been approved under a statutory process that sets aside the common law duty of confidentiality.
e. The disclosure can be justified in the public interest.
When disclosing information about a patient Sirona Health Ltd must:
a. use anonymised information if it is practicable to do so and if it will serve the purpose
b. be satisfied the patient:
i. has ready access to information explaining how their personal information will be used for their own care or local clinical audit, and that they have the right to object
ii. has not objected
c. get the patient’s explicit consent if identifiable information is to be disclosed for purposes other than their own care or local clinical audit, unless the disclosure is required by law or can be justified in the public interest
d. keep disclosures to the minimum necessary for the purpose
e. follow all relevant legal requirements, including the common law and data protection law.
Sirona Health Ltd will tell patients about disclosures that Sirona Health Ltd makes that the patient would not reasonably expect, or check the patient(s) have received information about such disclosures, unless that is not practicable or would undermine the purpose of the disclosure – for example, by prejudicing the prevention, detection or prosecution of serious crime.
Health and care records can include a wide range of material, including but not limited to:
a. electronic records
b. correspondence between health professionals
c. laboratory reports
d. communications with patients (including texts and emails)
Sirona Health Ltd will ensure any personal information about patients that Sirona Health holds or controls is effectively protected at all times against improper access, disclosure or loss. Sirona Health Ltd will not leave patients’ records, or other notes Sirona Health Ltd makes about patients, either on paper or on screen, unattended.
Sirona Health Ltd will not share personal information about patients where it can be overheard, for example in a public place or in an internet chat forum. While there are some practice environments in which it may be difficult to avoid conversations with (or about) patients being overheard by others, Sirona Health Ltd will try to minimise breaches of confidentiality and privacy as far as it is possible to do so.
Your data will be retained by Sirona Health Ltd for 8 years after you have been discharged from our service, or at age 25 if you were under the age of 18.
Appropriate information sharing is an essential part of the provision of safe and effective care. Patients may be put at risk if those who provide their care do not have access to relevant, accurate and up-to-date information about them. Multidisciplinary and multi-agency teamwork is also placing increasing emphasis on integrated care and partnership working, and information sharing is central to this, but information must be shared within the framework provided by law and ethics.
The usual basis for sharing information for a patient’s own care is the patient’s consent, whether that is explicit or implied. Sirona Health Ltd may rely on implied consent to access relevant information about the patient or to share it with those who provide (or support the provision of) direct care to the patient if all of the following are met:
a. Sirona Health Ltd are accessing the information to provide or support the individual patient’s direct care, or are satisfied that the person you are sharing the information with is accessing or receiving it for this purpose.
b. Information is readily available to patients, explaining how their information will be used and that they have the right to object. This can be provided in leaflets and posters, on websites, and face to face. It should be tailored to patients’ identified communication requirements as far as practicable.
c. Sirona Health Ltd have no reason to believe the patient has objected.
d. Sirona Health Ltd are satisfied that anyone you disclose personal information to understands that you are giving it to them in confidence, which they must respect.
Third party data processors
Sirona Health Ltd uses Semble to store patient data. Semble acts as a Data Processor (as defined in the UK GDPR), acting on behalf of Sirona Health who are the Data Controllers, in respect of the patient data stored within Semble. Your data is physically stored on servers which have achieved the highest level of security certification, as used by banks and government services. Our servers are located in London, United Kingdom. Only a very limited number of authorised staff from Semble can access these servers.
Data is replicated continuously, with multiple copies stored between security centres to ensure immediate failover. Data in transfer is fully encrypted using the most secure cryptographic technologies available (256-bit level of encryption). This means that when you access your data via the internet the Semble server will negotiate a secure link with the end user via a process called SSL. This is the same technology used for online banking and credit card transactions and is known to be the most secure system available.
Data Subjects have the right under the UK GDPR to access copies of information that Data Controllers hold about them through a subject access request (SAR). Semble makes it easy for Sirona Health Ltd to handle SARs through the system. Using the system, Sirona Health Ltd can search for the relevant information that the requestor is looking for and share it with the data subject. Sirona Health Ltd are responsible for managing this process as the Data Controller and ensuring that they comply with the requirements of the UK GDPR and any other legal obligations.
Where Semble receives a SAR in respect of data that an individual believes is held within the system, Semble will advise them to contact Sirona Health Ltd. Semble will not take any other action in respect of a SAR unless in accordance with specific instructions from Sirona Health Ltd.
The UK GDPR gives data subjects the right to have their personal data erased in certain limited circumstances. Sirona Health can delete data within the Semble system, but it will only permanently be deleted by Semble at the specific request of Sirona Health Ltd to Semble. Semble will permanently delete the data at Sirona Health Ltd’s specific written request.
The UK GDPR allows data subjects to have their data corrected when it is wrong. This is easily managed by Sirona Health Ltd within Semble as Data Controllers. Semble will not modify data other than in accordance with the specific written instructions of Sirona Health Ltd.
Semble only uses suppliers of services who have the highest security accreditation (e.g. AWS) to process any of the personal data stored within the Semble application. Semble review all of their sub-processors and hold them to the same standard required by the UK GDPR. Unless otherwise required by law, Semble will not transfer any personal identifiable data to any third party other than in accordance with the specific instructions of Sirona Health Ltd.