GDPR - Four letters that spell data protection

Dentistry is a highly regulated industry. Over the past decade we have seen many changes in regulations from HTM01-05 to the introduction of the CQC. Being prepared for these changes has often been a time-consuming task for practice managers and principal dentists alike.

At Systems for Dentists we aim to assist our clients in their compliance woes. With GDPR we can assist our clients in many ways due to the expertise we hold in application development and security.

Over the past two years we have planned for the changes that became live on the 25th May with a number of software updates released to assist your practice in the change. We have also been fielding a lot of questions related to GDPR in general.

Unfortunately, much misinformation has been spread in our industry from groups and sometimes outside training organisations. Our favourite examples of false information include:

• You can no longer send appointment reminders or recalls without consent

(This is nonsensical - recalls and reminders both pertain to maintaining the patient’s oral health which is clearly in the vital interests of the patient)

• Treatment plans with options are marketing and so must be pre-consented

(Informed consent is vital and GDPR does not change this. If the material is aimed directly at the patients needs then it falls in the categories of legitimate interests, vital interests and legal obligation)

• Practices must seek a child’s permission to contact their parents about their dental treatment

(This example was just bizarre and seems to ignore everything in law regarding parental responsibility)

There are many reasons why you will wish to market to your patients, send newsletters or advertise new services. To make sure you do not accidentally market to patients that have not given consent we have added a new GDPR section to the patient’s correspondence settings. For more information take a look at the following FAQ:

Ensuring your documents are compliant is also of vital import to the practice. Although a manual process SfD makes this easy by giving you a document review panel and the ability to mark documents and text message templates as compliant or not.

As you can see you may already have a number of good reasons for contacting patients. Many practices however wanted to send a mass email before the deadline to gain consent. Although this would be a limited use service we created a system for sending out the request to patients on mass, through email and SMS, and created a webservice that would allow them to make a declaration regarding if and how they wish to be contacted. This information loads directly back into the patients record within 24 hours.

To ensure you do not risk being non-compliant by sending sensitive material via email (which is by its nature insecure) we have created a new secure email service to allow you to securely send patients documents from the patients record

For more information on any of these features or our services in general please call the support team on 0191 500 6789 or email

You can read all the FAQ’s related to GDPR and other SfD related topics on our FAQ page which includes a simple search function.

Request a demo »