Skip to main content
Sign In

Privacy Policy

NHS Highland is a privacy conscious organisation and is strongly committed to your right to privacy. That is why we have drafted a Privacy and Data Protection Statement, which follows guidelines set out in the Data Protection Act 1998.


The Data Protection Act 1998 The Data Protection Act 1998 came into force on 1 March 2000. It set rules for processing personal information and applies to structured paper records as well as data held on computers. Once the Freedom of Information (Scotland) Act 2002 comes into force on 1 January 2005, the provisions of the Data Protection Act 1998 will apply to all records, including those structured other than by reference to the data subject, and completely unstructured files.


How does the Data Protection Act affect NHS Highland? The Data Protection Act states that those who record and process personal information must be open about how the information is used and must follow the eight principles of ‘good information handling’. These principles state that data must be:
  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure, and
  • Not transferred to countries without adequate protection.
    By law, data controllers, including the Support Project, have to keep to these principles.

If you believe in any way that NHS Highland is not processing your personal data in accordance with these principles, please contact the NHS Highland at the address listed on the contacts page.


How does NHS Highland collect data?There are several means by which NHS Highland collects personally identifiable data, for example:

  • Through registering on the website
  • Acceptance for inclusion on a mailing list or database
  • As a result of you interacting with NHS Highland (e.g. by entering into email or telephone correspondence with an employee of NHS Highland)

All personally identifiable information provided to NHS Highland is processed in accordance with the principles of the Data Protection Act 1998.


Is information passed to third parties?It is NHS Highland's policy to only disclose information to third parties if explicitly required to do so by United Kingdom Law.

NHS Highland will obtain your consent before passing on any information to any third parties.

NHS Highland does not collect or compile personally identifying information for dissemination or sale to external parties for marketing purposes or host mailings on behalf of third parties. 

Visitors to our websites

When someone visits we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Use of cookies by NHS Highland

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The NHS Highland website only sets the following cookies that are essential for certain site functions when those functions are used.

The table below explains the cookies we use and why.




More information

Online notification form cookie


This cookie is essential for the online contact form. It is set only for those people using the form. This cookie is deleted when you close your browser.

Visit the Microsoft website

Online search cookie


This cookie is essential for the search facility. It is set only for those people using the search facility. This cookie is deleted when you close your browser.

Visit the Microsoft website


Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit


User tracking

Except as stated already, NHS Highland will make no attempt to identify individual users. You should be aware, however, that access to web pages will generally create log entries in the systems of your ISP or network services provider. These entities may be in a position to identify the client computer equipment used to access a page. Such monitoring would be done by the provider of network services and is outwith the responsibility or control of NHS Highland.