The GDPR entered into force in 2016 after passing European Parliament, and as of May 25, 2018, all organizations were required to be compliant.
In a nutshell – the rule of thumb is:
“if the business’ aim outweighs the risk of data protection, you can contact them’ – that sounds a bit confusing but if you think about it; if someone calls you, or walks in to the practice – they have initiated contact which justifies further communication.”
To ensure we are compliant, we have added a mandatory ‘opt-in’ tick box to all contact forms across our clients’ websites – as well as our own!
This effectively acts as a contract between any potential patient and the business to say that the user “wishes to receive further contact from you, and gives permission for you to use the data” by ticking this box.
We have also added an updated Cookie Policy to the footer of all our clients’ websites – so that current and potential patients can see how and why we use Cookies (with a few more helpful links if you want to learn more!).
Other than the changes that we can implement on behalf of our fantastic clients, if you are a dental practice owner reading this post it is very important to note that – if you send anything more than appointment reminders to patients, (for example offers, newsletters or emailing none/previous patients), then you will now need to re-gain consent from those people.
The best way to do this is to contact your newsletter/mailing list software, and ask for their advice on sending out an ‘opt in/opt out’ mailshot, just like this:
Finally – don’t forget the importance of ensuring that these rules also apply to your in-house systems and paper forms.
With regards to those who opt-out – GDPR states that you must ensure that ALL RECORDS, both paper and digital of that person’s details are either anonymised (replacing their personal info on your records with gobbledygook!), or removed completely from your records.
To anonymise a patient, just change from this:
To this:
…that way – any end of year analysis, summarising data, or patient value can be kept on record!
For more information on the new GDPR regulations, visit: https://www.eugdpr.org/
Or if you’d like us to take a look at your website, and ensure it meets the guidelines above, then get in touch! Email team@dominatedental.com and with the URL of your website and we’d be happy to take a look.