Most businesses require personal information and data from their clients and customers, and for dentists, reading this will apply to your patients. Not only will that data include the information that patients provide, such as their name, address and date of birth, but the subsequent information you add to their files regarding their oral health and treatments, many of which they will have paid for, so you may also have credit cards or bank details stored.
What all of that means, and in line with the relevant commercial law, which for dentists located in Australia is the 1998 Privacy Act, is that the storing and using of personal information must be done in a way that protects that data. Should you fail to protect the data and it is shared deliberately, in error, or due to a security breach, you and your dental business could face penalties.
Lawyers for Dental O So Gentle advised one of the ways you can ensure you comply with privacy law is for your dental business to have a privacy policy. This outlines what steps your business takes to protect data, what legitimate ways it can be used, and how you will handle privacy-related complaints. Read on, and we will explain further.
Privacy Act ‘APPs’
The Australian Privacy Act 1998 comprises ‘Australian Privacy Principles’, or APPs as they are more commonly known. The APPs provide the primary basis for the areas of privacy law that businesses and organisations that collect data must adhere to. They include references to:
• The rights that individuals have relating to accessing their data
• What each business/organisation is accountable for
• How data is stored
• How data is disclosed
• How data can be used
• How data can be collected
Note that the Act takes into account the fact that each business is different and may comply with all APPs in different ways depending on its size and industry.
Publishing Terms Of Use, Disclaimers, And Privacy Policy
Given that we live in the internet age, the most logical place to have your privacy policy published is on your website. However, we also recommend having a hard copy available at your dental practice should any patient or official wish to inspect it. Bear in mind that you may be acquiring data both on your website and in your dental practice, so ensure your privacy policy covers all eventualities.
On your website, you should also have pages that include the terms of use of your website and disclaimers. If you are unsure what these should consist of, we advise you to speak to your commercial lawyers, who can advise you. It is essential to realise that your privacy policy is there not just for the sake of your patients but also as a protection for you and your business, which is why it is essential to have one.
Benefits Of Having A Privacy Policy
Apart from it being a legal requirement, a privacy policy is something that provides you and your dental practice a level of protection from anyone who wishes to unreasonably accuse you of misusing their data and personal information. One clause within your privacy policy will be the uses to which you will put the information given to you, and each individual who signs to become a patient is deemed to have agreed to the terms of that privacy policy.
For example, if you use data for marketing purposes, such as emailing patients about a new treatment, they must be given the option to opt-out. Still, they cannot claim you are spamming them if their agreement to receive email is part of the privacy policy they agree to when signing up to be your patient. That is just one of the ways a privacy policy can help you avoid falling foul of privacy laws and the APPs.