CIEL BLEU DENTAL GROUP: DATA PROTECTION, CONSENT, AND PATIENT PRIVACY POLICY
At Ciel Bleu Dental Group, which includes Highfield Dental Centre and all affiliated practices, we are dedicated to safeguarding patient privacy, ensuring confidentiality, and providing ethical, patient-centred care. Our practices comply with the Health Professions Act [Chapter 27:19], the Medical and Dental Practitioners Council of Zimbabwe (MDPCZ) guidelines, the Cyber and Data Protection Act [Chapter 12:07] (2021), and relevant provisions under the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ).
1. PATIENT CONSENT & INFORMED CARE
- Informed Consent:
Before any examination, procedure, or treatment, patients are given clear information about diagnosis, available options, risks, and costs. No treatment is carried out without documented voluntary consent. - Right to Refuse:
Patients reserve the right to refuse treatment or request a second opinion. Their decisions are respected without prejudice. - Minors:
For patients under the age of 18, consent must be obtained from a parent or legal guardian.
2. PRIVACY & CONFIDENTIALITY
- Non-Disclosure:
Patient information (verbal, written, or digital) is never disclosed to third parties without written consent, except where required by law. - Staff Training:
All staff undergo confidentiality training and sign binding confidentiality agreements upon employment. - Verbal Discretion:
Consultations and discussions are conducted in private areas to prevent unauthorized access or accidental overhearing.
3. DATA STORAGE & SECURITY
- Physical Records:
All hard copy files (charts, consent forms, treatment notes) are stored in locked, access-controlled cabinets. Only authorised personnel can access them. - Digital Records:
Patient records are stored securely on encrypted, password-protected systems.
Regular data backups are maintained.
Access is strictly on a need-to-know basis.
4. DIGITAL COMMUNICATION & POTRAZ COMPLIANCE
- Confidentiality of Communications:
All patient-related electronic communication is confidential in accordance with Section 99 of the POTRAZ Act. - Cyber & Data Protection Act [Chapter 12:07]:
We process personal data lawfully, fairly, and transparently. Patients may request access, correction, or deletion of their personal records, subject to legal and ethical considerations. - Digital Channels:
WhatsApp, email, and SMS communications for bookings or enquiries are treated with the same discretion as in-clinic consultations. We do not disclose sensitive clinical findings through unsecured platforms without patient approval.
5. BREACH MANAGEMENT & ACCOUNTABILITY
- Any breach of confidentiality or data compromise is treated as a serious matter.
- Internal protocols are in place for reporting, investigating, and correcting breaches.
- Patients will be informed promptly if their personal information is compromised.
6. PATIENT RIGHTS
As a patient under Ciel Bleu Dental Group, you have the right to:
- Know what data is collected and held about you.
- Request access to your records.
- Request corrections to inaccurate information.
- Obtain a copy of your records, subject to verification and applicable documentation procedures.
CONTACT & POLICY REVIEW
For enquiries about our Data Protection and Patient Privacy Policy, or to request access to your records, please contact our Group Administrator at:
+263 77 4 448619
This policy is reviewed annually, or sooner if new laws or regulations require updates.
Would you like me to also prepare a shorter, patient-friendly version of this policy (for display in waiting areas and on the website homepage), while keeping this detailed version as the full downloadable policy? or providing personal data to us.