Every day, we become more and more connected to the internet. New applications and tools emerge so frequently that it can be difficult to keep up. But with all these advancements, how can you ensure that your data is being used correctly? Keep reading and learn all about the LGPD (Brazilian General Data Protection Law) in dentistry! 

Given that various sectors are increasingly using digital tools such as cloud storage, file sharing, and especially the rise in video calls, it is essential to be concerned about the security of company information. 

The healthcare field is no different. It's necessary to pay attention to the degree of exposure of patient data and even medical records containing patient histories. 

With this in mind, the General Data Protection Law (LGPD) was created to guarantee the confidentiality of information and, above all, to give users more authority over what the corporation can do with their data provided in forms and registrations. 

Want to learn more about how the LGPD (Brazilian General Data Protection Law) works in dental clinics and offices? Check it out below!

Learn about the General Data Protection Law.

The LGPD (Brazilian General Data Protection Law) was created to regulate all provision of personal data, whether directly or indirectly. Examples include: name, CPF (Brazilian taxpayer ID), date of birth, racial origin, location, telephone number, email address, internet cookies, and more. 

Therefore, the user needs to allow that company or platform access to their personal information in order to analyze it, use it for communications, or even share the information with third parties.

These permissions are usually collected when installing an application or when joining a website's mailing list. 

For example, you just downloaded and read a blog post about the advantages of... transparent device, liked the content and wants to subscribe to the site's newsletter. 

When registering, you may find a checkbox at the bottom of the page that says "I authorize the use of my information to receive exclusive content via email and SMS". 

Before the pandemic, the law was supposed to come into effect in August 2020, but after some twists and turns, it ended up coming into effect in September. However, the sanctions will only be applied from August 2021.

The best thing to do is take advantage of this extra time and start putting things into practice so that when the deadline expires, you won't be surprised by fines that can range from 2% of the company's total revenue to R$50 million.

What is the impact of this law on dentistry? 

We know that every dental office has a large collection of patient records, right? 

There is a large flow of information that is updated with each consultation. Whether it's for a simple quote for a patient who wants to know more. How much does a tooth restoration cost? Or, alternatively, in orthodontic appliance documentation. 

Therefore, it is essential to take care of all the data that your practice uses. According to the LGPD (Brazilian General Data Protection Law), there are some rules to follow; here are some examples: 

• The patient can adjust, block, and choose which data will be provided to the clinic, and even delete it;
• The use of patient data for any unauthorized purpose is strictly prohibited.
• If the clinic treats children and adolescents, legal authorization from a parent or guardian is required. 

How do I get my practice regulated?

Now that you know what LGPD means and some of the established rules, it's time to put them into practice in your clinic. We've outlined some steps you should start implementing. Let's go? 

1. Understand what you need

First of all, it's necessary to understand what your needs are regarding patient data. 

Stop and make a list of all the data you need, how you collect it, and what points you need to change.

Let's suppose you need a list with each patient's email and phone number to send messages about when to schedule certain procedures, such as, for example, tooth extraction. 

In this case, you need to include an authorization field in the registration form so that the patient can give their consent.

1. Delve deeper into the LGPD (Brazilian General Data Protection Law).

After ensuring you've identified each area for improvement, you need to delve deeper into the General Data Protection Law. 

This is to ensure you haven't missed anything and won't be in debt to the government. It's recommended that your legal department participate in this process to avoid future problems. 

If your practice does not have a specialized area for these matters, it is recommended that you contact consulting firms that provide this service.

1. Have a defined team.

During the data protection process, it is essential to define the scope of each person who will be responsible for your company's compliance with the LGPD (Brazilian General Data Protection Law). 

Each person must have a specific task to ensure that no step is missed. For example, defining who collects the data, who controls and operates authorizations, and who will have direct contact with the regulatory agency responsible for enforcing the law, the National Data Protection Authority (ANPD). 

1. Transparency first.

Regardless of the purpose of the data you wish to collect, you need to be as clear as possible about it. 

It doesn't matter what you're asking for, even if it's just to get in touch regarding appointment confirmation or to provide information about a quote. dental implantWe need to be transparent! 

Lastly, 

We know that one of the fundamental points of the medical code of ethics is precisely the confidentiality of information. Therefore, being confidential is essential. in accordance with the LGPD This is yet another guarantee of safety for patients.

Ultimately, the more aligned you are with the law, the more credibility you will have in the market! 

This content was produced by Mayara Santos, writer at Clínica Ideal.