Skip to main content
Sign In
NHS Highland - Working with you to make Highland the healthy place to be
Go Search
 
 
 
 
 

Privacy Policy

NHS Highland is a privacy conscious organisation and is strongly committed to your right to privacy. That is why we have drafted a Privacy and Data Protection Statement, which follows guidelines set out in the Data Protection Act 1998.

 

The Data Protection Act 1998 The Data Protection Act 1998 came into force on 1 March 2000. It set rules for processing personal information and applies to structured paper records as well as data held on computers. Once the Freedom of Information (Scotland) Act 2002 comes into force on 1 January 2005, the provisions of the Data Protection Act 1998 will apply to all records, including those structured other than by reference to the data subject, and completely unstructured files.

 

How does the Data Protection Act affect NHS Highland? The Data Protection Act states that those who record and process personal information must be open about how the information is used and must follow the eight principles of ‘good information handling’. These principles state that data must be:
  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure, and
  • Not transferred to countries without adequate protection.
    By law, data controllers, including the Support Project, have to keep to these principles.

If you believe in any way that NHS Highland is not processing your personal data in accordance with these principles, please contact the NHS Highland at the address listed on the contacts page.

 

How does NHS Highland collect data?There are several means by which NHS Highland collects personally identifiable data, for example:

  • Through registering on the website
  • Acceptance for inclusion on a mailing list or database
  • As a result of you interacting with NHS Highland (e.g. by entering into email or telephone correspondence with an employee of NHS Highland)

All personally identifiable information provided to NHS Highland is processed in accordance with the principles of the Data Protection Act 1998.

 

Is information passed to third parties?It is NHS Highland's policy to only disclose information to third parties if explicitly required to do so by United Kingdom Law.

NHS Highland will obtain your consent before passing on any information to any third parties.

NHS Highland does not collect or compile personally identifying information for dissemination or sale to external parties for marketing purposes or host mailings on behalf of third parties.

 

Privacy and Data Protection Policy

User Anonymity & Personal Information on the NHS Highland Website
Log files are maintained and analysed of all requests for files on the NHS Highland servers. Aggregated analyses of these log files are used to monitor website usage. These analyses are made available to NHS Highland participating organisations to allow them to measure, for example, overall popularity of the site and typical user paths through the site.

In combination with other information which is not collected by NHS Highland but which may be collected by suppliers of network services, it may in certain situations be possible to identify an individual user's use of the NHS Highland website. NHS Highland does not collect the additional information required and will make no attempt to track or identify individual users, except where explicit consent for this is given or where there is a reasonable suspicion that unauthorised access to systems is being attempted. In the case of all users, NHS Highland reserves the right to attempt to identify and track any individual who is reasonably suspected of trying to gain unauthorised access to computer systems or resources operating as part of the NHS Highland service. As a condition of use of this site, all users must give permission for NHS Highland to use its access logs to attempt to track users who are reasonably suspected of gaining or attempting to gain unauthorised access.

All log file information collected by NHS Highland is kept secure and no access to raw log files is given to any third party.

In certain cases, a NHS Highland participating website may implement a registration scheme which will allow usage to be tracked. NHS Highland policies do not permit this to be done except in cases where users have given informed consent for this to be done, and offending sites will be removed should NHS Highland become aware of any breaches of this policy. NHS Highland will endeavour to ensure that participating organisations have proper data-protection procedures in place in respect of the information they make available through their websites.

 

Use of Cookies

NHS Highland does not store any information that would on its own allow us to identify individual users of this service without their permission. Any cookies that may be used by NHS Highland are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.

 

User tracking

Except as stated already, NHS Highland will make no attempt to identify individual users. You should be aware, however, that access to web pages will generally create log entries in the systems of your ISP or network services provider. These entities may be in a position to identify the client computer equipment used to access a page. Such monitoring would be done by the provider of network services and is outwith the responsibility or control of NHS Highland.

 

A dh'ionnsaigh Gaidhealtachd slan, fallain

© NHS Highland