Internet Explorer and Edge browser users:
To download Word, Excel or PowerPoint files please right-click on the file you wish to download, and select 'Save target as...'


The  Data  Protection  Act  1998  established  a  framework  of  rights  and  duties  to safeguard personal information and balance the legitimate needs of organisations to collect and  use personal information  again the right  of individuals to have the privacy of their personal details respected.

Much has changed since 1998. We now give a lot of information about ourselves to a lot of organisations, usually willingly but frequently unknowingly. Quite often we don’t know what happens to this information, how it is used and how decisions about  us  are  made. The  General  Data  Protection  Regulation  2018  (GDPR)  makes organisations more accountable in the way that they collect, use, store and dispose of personal information and gives individuals more control over information about them that they pass onto others.

Most of what you do stays the same, but some aspects need you to do more - for example: 

  • Audit your data to identify what you hold and why

  • Nominate or appoint a data protection officer if you're an NHS provider

  • Provide privacy notices to comply with the new law.

Our advice explains how you can comply - and the Expert templates help you to implement the changes. Don't be frightened into paying for expensive services you might not need.


GDPR explained

Protecting personal information

Data Security and Protection Toolkit (DSPT) - Guide to completing 

Expert templates

(Available to Expert members -Please log in or contact us on 020 7563 4550 to discuss your upgrade options or to join)

Access to information held by the practice
Confidentiality policy
Data security policy - practice
Data protection processor agreement
Data protection processor agreement - associates
Data protection processor agreement - notes for use 
Data protection privacy notice - associates
Data protection privacy notice - employees

Data protection privacy notice - patients
Information asset register

New patient - welcome letter
Records management policy

Audit - GDPR information
Audit - GDPR access to information 

Advice video

An overview of GDPR for dentists


CPD module - 3 hours verifiable

To help you understand GDPR and apply the new regulations in practice.

  • State what GDPR is

  • Know how data handling rules will apply to your practice

  • Know what responsibilities organisations have under GDPR

  • State what a data breach is and what action to take if one occurs.


New rules on data protection affecting dentistry

High Street NHS providers say 'fix broken Bill'


Online course: Become an effective data protection officer

One-to-one advice

Extra and Expert members have access to unlimited one-to-one advice via phone or email from our experienced advisors. To email our Practice support team:

​To help members at this time you can call us from 8.30 to 18:00.

Please note that we are working hard to keep all relevant information on our Coronavirus pages

For members with access to 1:1 advisory services, please call 020 7935 0875 between the hours of 9:00 and 17:00.

For advice between the hours of 8.30 and 9:00, and between 17:00 and 18:00 members may use the following numbers:

​NHS and Business advice
020 7535 5864
​Employment advice and advice on associates
020 7563 4574
​Advice on Compliance and CQC
020 7563 4572
​Advice for dentists employed in community dental services etc
Tel: 020 7563 4582

Our members working in hospitals should call the BMA for advice. The BDA and BMA have an arrangement for the BMA to provide advice to our members. Contact details for the BMA


We may record telephone conversations that are advisory in nature to offer you additional security, resolve complaints and improve our service standards. Conversations may also be monitored for staff training purposes. You will be alerted to this when you call.