Privacy Policy

The National Orthopaedic Hospital Cappagh respects your right to privacy. The Hospitals Patient Privacy Statement sets out how we collect, use, manage and store your personal information. Furthermore, it will help you to understand what personal data may be collected on this website, why it is collected, and what is done with it.

All information collected and processed through this website complies with our obligations under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. 

If you wish to view our full Patient Privacy Statement please select Privacy Statement – Full Version

The National Orthopaedic Hospital Cappagh endeavours to protect and cherish the privacy rights of all staff, patients, and visitors and will take all necessary steps to protect the fundamental privacy rights and freedoms of individuals.

This Privacy Statement describes options available to you, our end-users and visitors regarding the Hospital’s use of your personal data. It also outlines your rights regarding access to, correction and deletion of personal data held by the Hospital.

The term ‘personal data’ means any information relating to an identifiable person (called a data subject) who can be directly or indirectly identified, in particular by reference to an identifier. This definition provides for a range of personal identifiers which can includes name(s), identification number(s), location data or online identifier (e.g. IP address).

You may encounter and access links to third-party/other websites on our website. These external websites should have their own privacy notices. Links to other websites do not constitute an endorsement of that website by The National Orthopaedic Hospital Cappagh. We cannot accept any responsibility or liability for their website content, links and policies as we have no control over them.

National Orthopaedic Hospital Cappagh does not collect any personal data about you on this website. If you do contact us any information which you provide in this way is not made available to any third parties. We do not pass on any of your personal information when dealing with your enquiry, unless you have given us permission to do so. Any personal information which you choose to send to us via the website will be treated securely and in confidence, in accordance with the GDPR and the Data Protection Act.

Cookies: This website does not use cookies, apart from temporary “session” cookies which enable a visitor’s web browser to remember which pages on this website have already been visited.

A cookie is a piece of data stored on the user’s hard drive while they are visiting a particular website. It contains simple information about the user’s identity but no personal information. When the user closes their browser, the cookie is destroyed. You can set your computer not to accept cookies without a loss of functionality on this website.

Log Files: Technical details in connection with visits to this website are logged by us for our statistical purposes. No information is collected that could be used by us to identify website visitors. The technical details logged are confined to the following items:

  • The IP address of the visitor’s web server
  • The top-level domain name used (for example .ie, .com, .org, .net)
  • The previous website address from which the visitor reached us, including any search terms used clickstream data which shows the traffic of visitors around this web site (for example pages accessed and documents downloaded)
  • The type of web browser used by the website visitor
  • The Operating System used by the website visitor

Statistical information that is gathered does not constitute “personal data” for the purposes of the GDPR and the Data Protection Act.

National Orthopaedic Hospital Cappagh is a Data Controller and must comply with certain important rules about how we collect and use personal data. All personal data processed by our Hospital is processed in accordance with the obligations under the GDPR and the Data Protection Act. National Orthopaedic Hospital Cappagh collects, stores and uses large amounts of personal data every day, such as medical or health data, which may be paper-based or held electronically.  We take our duty to protect your personal information and confidentiality very seriously and are committed to taking all measures to ensure it is held securely and only accessed by those with a need to do so.

The healthcare professionals caring for you keep records about your health and any treatment and care you receive.  These records help to ensure that you receive the best possible care and they may be written on paper and/or held on a computer.

Collected information may include:

  • Your name, address, date of birth, in case of emergency (I.C.E), phone number, GP details etc.
  • Information in relation to your appointments.
  • Notes and reports about your health, treatment and care.
  • Results of x-rays, scans, laboratory investigations and other relevant tests.

It is essential that we have accurate and up to date information about you so that we can give you the best possible care.  Please check that your personal details are correct whenever you visit us and inform us of any changes.  This minimises the risk of you not receiving important correspondence.

Information will only be kept on our systems for as long as required for the provision of health services. The hospital follows the HSE’s guidelines on the retention of healthcare records.

In general terms, your records are used to direct, manage and deliver your care so that:

  • Healthcare professionals have the information they need to assess and improve the quality and type of care and treatment you receive.
  • Appropriate information is available if you see another doctor, or are referred to a specialist.
  • Your concerns can be properly investigated if a complaint is raised.

We will retain your information for as long as necessary to provide you with services, and to comply with our legal and regulatory obligations.  The hospital follows the HSE’s guidelines on the retention of healthcare records.

  • Referral letter received by us.
  • Telephone call from external health providers.
  • Attendance at a clinic
  • Forms sent to patients prior to treatment to request information.
  • Admission to the hospital
  • Insurance form completed

We share information about you with others directly involved in your care and we also share more limited information for indirect care purposes; both of these are described below.

Direct care purposes:

We share information about you with other healthcare professionals directly involved in your care so that you may receive the best quality care.

Indirect care purposes:

We also use information we hold about you to:

  • Review the care we provide to ensure it is of the highest standard and quality.
  • Ensure our services can meet patients’ needs in the future.
  • Investigate patients’ queries, complaints and legal claims.
  • Ensure the Hospital receives payment for the care you receive where appropriate.
  • Prepare statistics on the Hospital’s performance from anonymised data.
  • Audit services
  • Undertake heath research that has been approved by the hospital’s Ethics committee. Anonymised data is used as a basis for research purposes.

There may be other circumstances when we must share information with other agencies.  In these rare circumstances we are not required to seek your consent.

Examples of this are:

  • TUSLA – Child & Family Agency where there are reasonable grounds for concern that a child may have been, is being or is at risk of being abused or neglected.
  • An Garda Siochana if the information is essential for the investigation of a serious crime.
  • If there is a concern that you are putting yourself or another person at risk of serious harm.
  • If we have been instructed to do so by a court
  • If your information falls within a category that needs to be notified for public health or other legal reasons, e.g. certain infectious diseases

Subject to your consent, we use your mobile telephone number(s) to remind you of your appointment details via text.  If you no longer wish to receive these reminders you can ‘opt out’ by contacting the Hospital where you can request your telephone number(s) to be removed from the service.

We employ surveillance cameras in and around the Hospital site in order to:

  • protect staff, patients, visitors and Hospital property
  • monitor operational and safety related incidents

We will only retain surveillance data for a reasonable period. In certain circumstances (serious or criminal incidents) we may need to disclose CCTV data for legal reasons.

You have rights in relation to your personal data, as a data subject.

Important: These rights are subject to certain circumstances & restrictions.

Right of access:
You have the right to ask for access to the information that we hold about you. If you want to receive this information, then you can find details on how to do this on our Accessing Medical and Personal Records page link.

Right to rectification and data erasure:
You have the right to request inaccuracies of your personal data to be corrected.
You have the right to data erasure (also called the right to be forgotten).

Right to restriction of processing:
You have the right to restrict the use of your personal data

Right to object:
You have the right to object to the processing and automated decision making with/of your personal data.

Right to data portability:
You have the right to receive your personal data that you have provided to us in a ‘commonly used and machine-readable format’ and also for us to transfer that data to another controller for you when requested where  technically feasible.

Right to lodge a complaint:
You have the right to lodge a complaint with the Irish Data Protection Commission:
Data Protection Commissioner
Canal House, Station Road
R32 AP23
Co. Laois.

Visit the Data Protection Commission web-site  for more information.

If this privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

We welcome queries, comments or requests you may have regarding this privacy notice information.

Please contact our Data Protection Officer (DPO) at:
01 814 0447

Postal Address:
Data Protection Officer,
National Orthopedic Hospital Cappagh
Cappagh Road
Dublin 11
D11 EV29