Terms & Conditions

Nelson Dental Centre - Information for Patients

We are committed to providing you with excellent clinical care. All we ask in return is that you attend any appointments you have booked, act on the advice we give you and report any new symptoms to us promptly.

If you have any questions about our terms and conditions please contact a member of Nelson Dental Centre who will be happy to help you.


PERSONAL DETAILS
It is very important that you give a full medical history and details of any medication you take. Should these change in anyway, please tell your Dentist. It is your responsibility to inform the clinic of any changes in either personal details and/or your medical history. It is a requirement your medical history be updated every two years.

OUR PROMISE OF SERVICE
We will listen carefully to your concerns and perform diagnostic tests in order to compose a full range of appropriate treatment options for you.

TREATMENT ESTIMATES AND CONSENT
We will present your treatment options to you in writing including the estimated fees involved. We will explain the risks and benefits so you can make an informed choice about your treatment and we can gain your consent. If new information comes to light during treatment and your treatment options change we will explain this to you.

PAYMENT METHODS
Payment is due at the time of treatment. We accept payment by credit and debit cards, cash or cheque. Dental Benefits care is available to children up to the age of 18. For some larger items of treatment you may be asked to make an advanced payment. Please note ACC does not always cover the full cost of treatment and therefore there may be a balance to pay. We reserve the right to charge administration and collection fees in the event of late payment or non-payment, but we will not do this without telling you in advance.

CANCELLATION OF APPOINTMENTS
We request 24hrs notice for all cancellations. Short notice cancellations or failed appointments may incur a fee.

CONFIDENTIALITY
We take patient confidentiality very seriously and all patient information is treated in the strictest confidence in accordance with our practice policy, a copy of which is available on request.

DATA PROTECTION
We will only use your personal information to communicate with you about your care, with other medical professionals in your interests and with your consent, or to tell you about our services. We will not disclose any of your personal information to third parties not engaged in your care. We store all patient personal details securely. All clinical notes and digital imagery remain the property of Nelson Dental Centre. Copies can be made available on request and we reserve the right to charge an administration fee for this.

PATIENTS WITH ADDITIONAL REQUIREMENTS
We have facilities suitable for wheelchairs. If you have any additional special requirements please ask our team for assistance.

CULTURAL COMPETENCE
The staff at Nelson Dental Centre understand that New Zealand has a culturally diverse population. As such we operate with a respect for and an understanding of the cultural beliefs, values, and practices of our patients.

COMMENTS ABOUT OUR SERVICE
We hope that you are pleased with the service and treatment that you receive; if not, please let us know how we can remedy the matter and improve our service. Our complaints procedure is available from any member of our team.

PROCEDURES AND POLICIES
If you would like any further information regarding any of our policies please contact our team, we will be pleased to help

Privacy Policy

Health Information Privacy policy for Nelson Dental Centre

Purposes

This document outlines the practice policy related to the Privacy, in line with the Privacy Act 2020, which promotes and protects the privacy of individual personal information and the Health Information Privacy Code, which specifically relates to the management of health information.

 

Scope

All staff must comply with the following rules when collecting, using, storing, or disclosing information about patients’ personal or health or the treatment that they are receiving.

 

Policy

 

The practice team members will understand, comply with, and implement the requirements of the Privacy Act 2020 and the Health Information Privacy Code 2020, as outlined in this document which state the processes to be followed by the staff in handling personal and health information.

 

·       The practice Privacy Officer is Joanne Brown They have received training and are aware of their responsibilities.

  • The practice will collect personal and health information in a manner that complies with the Privacy Act and the Health Information Privacy Code.

o   only collect the information for the purpose of treating the patient or for some other legal purpose;

o   collect the information directly from the patient unless they have consented to you collecting the information from someone else or one of the other exceptions to this rule applies; and 

o   collect information from children and young people in a fair manner

o   let the patient know why you are collecting the information, who will have access to the information and that the patient is entitled to access and correct the information.  You will not need to tell patients this if you have collected the same type of information from them before.

o   Collect information in an unidentifiable way if appropriate

  • The practice complies with the Privacy Act and Health Information Privacy Code requirements when using personal and health information.

o   When we have collected personal information from an individual for one purpose, it cannot used for any other purpose without the individual’s consent.

o   There are some exceptions to this principle. These exceptions include where the information is publicly available, or where you use the information in a way that does not identify the individual. You will find a full list of the exceptions to this principle in the Privacy Act .

o   Before using individuals’ personal information, you must do what you can to make sure that the information is accurate and up to date.

  • The practice complies with the Privacy Act and Health Information Privacy Code when storing and destroying personal and health information.

o   You must ensure that the personal information that our practice holds is stored securely so that it cannot be accessed or used by unauthorised people. All patient information should be digitally stored in their personal patient file.

o   When you transfer patients’ health information to someone else, you must do what you can to prevent unauthorised people from accessing or using the information.

o   Our practice can keep patients’ health information for as long as we need the information to treat patients and must keep patients’ health information for a minimum of 10 years from the date that treatment was last provided.

o   Our practice must destroy patients’ information in a way that ensures the confidentiality of the information. Documents should be scanned digitally into the patient’s personal file then put in a document shredding box for secure destruction.

o   Patients are entitled to ask our practice to confirm whether we hold information about them and to access the information unless we have lawful reasons for withholding the information.

o   Patients are also entitled to ask our practice to correct the information that we hold about them.

o   You must assist patients who ask to access their information.

  • The practice complies with the Privacy Act and Health Information Privacy Code requirements when disclosing health information.

You must not disclose a patient’s information without their consent (or the consent of their representative) unless you reasonably believe that it is not possible for you to get the patient’s consent and:

o   the disclosure is for the purposes of the patient’s treatment (e.g., a referral);

o   the disclosure is to the patient’s caregiver and the patient hasn’t objected to the disclosure;

o   it is necessary for you to disclose the information to prevent a serious and immediate threat to the patient or another person’s life or health;

o   the disclosure is made for the purposes of a criminal proceeding;

o   the patient is, or is likely to become dependent on a drug that you need to report under the Misuse of Drugs Act or the Medicines Act;

o   the disclosure is to a social worker, or the police and concerns suspected child abuse;

o   the disclosure is made by a doctor to the Director of Land Transport Safety and concerns the patient’s ability to drive safely.

You must consult with our practice’s Privacy Officer before disclosing a patient’s health information without his/her consent. The practice complies with the Privacy Act and Health Information Privacy Code when correcting health information.

  • The practice has a process to deal with data privacy breaches and notification in-line with the requirements under the Privacy Act.

 

  • The practice will follow the process outlined when dealing with requests for information. These can be found in Practice Policies & Procedures (both Digital and in Print)

  • The practice will ensure confidentiality of information.

  • The practice will follow the process outlined to deal with transferring patient’s information. These can be found in Practice Policies & Procedures (both Digital and in Print)

·       The practice displays a privacy poster in the waiting room.

 

·       The practice has brochures relating to the Privacy Act and HIPC available for patients.  These can be found in the Practice Policies & Procedures (both Digital and in Print)

·       The Privacy Act and HIPC will be covered in the practice induction process.

 

Privacy officer

The Privacy Officer has overall responsibility for privacy issues in the practice, but all staff are responsible for ensuring they keep up to date with their obligations under this legislation

Privacy Officer role:

·       Ensure that the practice has a current privacy policy and procedures and that all staff can easily access these documents.

·       Ensure that all staff members have read and understood the policy and procedures, and this has been documented.

·       Ensure that the practice complies with the Privacy Act, both in regard to personal patient information and employee information.

·       Deal with requests made to the practice about personal or employment information.

·       Ensure compliance with the Health Information Privacy Code in relation to patient information.

·       Brief the practice team on changes to legislation and/or practice processes.

·       Use team meetings to discuss privacy complaints received, the part of the procedure that failed and ways to improve the process.

·       Continuous improvement process and education.

·       Induction of new staff on Privacy and HIPC.

·       Source suitable training opportunities.

·       Ensure that any complaints received are dealt with in accordance with legislation. If referred to Privacy Commission work with them to resolve.

·       Provide clear guidelines to staff around who has access to health information and how it is handled.

Privacy Breaches

Agencies are now legally required to notify breaches in privacy if the breach poses a risk of serious harm or causes serious harm to an individual or group. There are three reasons why this is important:

-        People cannot protect themselves from the impact of privacy breaches if they do not know a breach has occurred

-        The speed at which data can be transferred and copied means the potential for harm is much greater

-        Sharing the lessons from privacy breaches that have already occurred can help to prevent similar beaches in the future

If a notifiable privacy breach occurs the business should notify the affected people. If the breach poses a risk of serious harm or causes serious harm to an individual or group, the Privacy Commissioner must be notified. The Privacy Commission has developed a Notify Us tool which will help you to identify if the breach meets the notification threshold. Failure to notify could result in a penalty of up to $10,000.

 

Examples of likelihood of serious harm being caused by a breach include:

  • Physical harm or intimidation 

  • Financial fraud including unauthorised credit card transactions or credit fraud 

  • Family violence

  • Psychological, or emotional harm

 

When assessing whether a privacy breach is likely to cause serious harm to decide whether the breach is a notifiable privacy breach, you must consider the following:

·       any action taken by the agency to reduce the risk of harm following the breach:

·       whether the personal information is sensitive in nature:

·       the nature of the harm that may be caused to affected individuals:

·       the person or body that has obtained or may obtain personal information as a result of the breach (if known):

·       whether the personal information is protected by a security measure:

·       any other relevant matters.

 

If you think a data breach has occurred

1.     Inform the Privacy Officer/management as soon as you are aware of a data breach

2.     Privacy Officer/Management will notify the Privacy Commissioner and potentially affected individuals of the privacy breach, where the breach caused or is likely to cause serious harm

3.     The breach notice made by Privacy office/management must contain:

a.     Your contact details,

b.     Timeline,

c.      Information around the breach itself,

d.     Likely harm

e.     What you have done about notifying affected people, or organisations

f.      Any other relevant information

Confidentiality

All staff members have understood and signed a confidentiality agreement as part of their employment agreement or contract of service. The obligations under this clause extend after the agreement or contract has ended.

Destruction of Confidential material

All confidential material is either shredded on site or placed in secure destruction bin.

IT Security

Each staff member should have their own unique login name and it is protected by at least 8 characters passwords mixed of letters and numbers.

Patient Portal Access/Security

Henry Schein One NZ uses 2FA (Two Factor Authentication) and is hosted in a secured offsite sever by the company.

Patient registration for Henry Schein One is consented on enrolment form or written consent form. This is usually done during first time enrolment visit or any other clinic visit, with patient identity check.

Patient then provides a login email address. An activation code and instruction will be sent to the nominated email. Once patients have read and agreed with registration instruction, they will click on the link to activate the registration.

Health information privacy rules

Cover:

1.     The purpose of collection of health information

2.     Source of health information

3.     Collection of health information from an individual

4.     Manner of collection of health information

5.     Storage and security of health information

6.     Access to personal health information

7.     Correction of health information

8.     Accuracy of health information to be checked before use

9.     Retention of health information

10.  Limits on use of health information

11.  Limits on disclosure of health information

12.  Disclosure of health Information outside New Zealand

13.  Unique identifier

14.  Policy review date: