Privacy Policy

The National Orthopaedic Hospital Cappagh respects your right to privacy. The Hospitals Patient Privacy Statement sets out how we collect, use, manage and store your personal information. Furthermore, it will help you to understand what personal data may be collected on this website, why it is collected, and what is done with it.

All information collected and processed through this website complies with our obligations under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. 

If you wish to view our full Patient Privacy Statement please click here

The National Orthopaedic Hospital Cappagh endeavours to protect and cherish the privacy rights of all staff, patients, and visitors and will take all necessary steps to protect the fundamental privacy rights and freedoms of individuals.

This Privacy Statement describes options available to you, our end-users and visitors regarding the Hospital’s use of your personal data. It also outlines your rights regarding access to, correction and deletion of personal data held by the Hospital.

The term ‘personal data’ means any information relating to an identifiable person (called a data subject) who can be directly or indirectly identified, in particular by reference to an identifier. This definition provides for a range of personal identifiers which can includes name(s), identification number(s), location data or online identifier (e.g. IP address).

You may encounter and access links to third-party/other websites on our website. These external websites should have their own privacy notices. Links to other websites do not constitute an endorsement of that website by The National Orthopaedic Hospital Cappagh. We cannot accept any responsibility or liability for their website content, links and policies as we have no control over them.

National Orthopaedic Hospital Cappagh does not collect any personal data about you on this website. If you do contact us any information which you provide in this way is not made available to any third parties. We do not pass on any of your personal information when dealing with your enquiry, unless you have given us permission to do so. Any personal information which you choose to send to us via the website will be treated securely and in confidence, in accordance with the GDPR and the Data Protection Act.

About this cookie policy.

This Cookie Policy explains what cookies are and how we use them. You should read this policy to understand what cookies are, how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used and how to control the cookie preferences.

Your consent applies to the following domains:

What are cookies ?

Cookies are small text files that are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.

How do we use cookies ?

Like most other online services, our website uses cookies first-party and third-party cookies for a number of purposes. The first-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.

The third-party cookies used on our websites are used mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.

What types of cookies do we use ?

The cookies used on our website are grouped into the following categories.

The below list details the cookies used in our website.

CFIDCookie set by Adobe ColdFusion applications. Used in conjunction with CFTOKEN this cookie helps to uniquely identify a client device (browser) to enable the site to maintain user session variables. How those are used are specific to the site. CFID contains a sequential number to identify the client. This cookie is necessary for the careers api.
CFTOKENCookie set by Adobe ColdFusion applications. Used in conjunction with CFID this cookie helps to uniquely identify a client device (browser) to enable the site to maintain user session variables. How those are used are specific to the site. CFTOKEN contains a random number to identify the client. This cookie is necessary for the careers api.
BIGipServerZebedeeThis cookie name is associated with the BIG-IP product suite from company F5. Usually associated with managing sessions on load balanced servers, to ensure user requests are routed consistently to the correct server. The common root is BIGipServer most commonly followed by a domain name, usually the one that it is hosted on, but not always.
viewed_cookie_policyThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
cookielawinfo-checkbox-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
_gat_dctThis cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate - limiting the collection of data on high traffic sites. It expires after 10 minutes.
IDEUsed by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. This cookie is necessary to run Youtube videos.
_gat_gtag_UA_38786434_1Google uses this cookie to distinguish users.
_gaThis cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gidThis cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
test_cookieThis cookie is set by DoubleClick (which is owned by Google) to determine if the website visitor's browser supports cookies.
Third-Party Cookies
VISITOR_INFO1_LIVEThis cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. This cookie is necessary to run Youtube videos.
YSCThis cookies is set by Youtube and is used to track the views of embedded videos. This cookie is necessary to run Youtube videos.
GPSThis cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location. This cookie is necessary to run Youtube videos.
_video-distributor-2_sessionThis cookie is set via embedded Vzaar-videos. It registers anonymous statistical data on. It's a required cookie to run Vzaar videos.

How can I control the cookie preferences ?

You can manage your cookies preferences by clicking on the “Settings” button and enabling or disabling the cookie categories on the popup according to your preferences.

Should you decide to change your preferences later through your browsing session, you can click on the “Cookie Settings” tab on your bottom right side screen. This will display the consent notice again enabling you to change your preferences or withdraw your consent entirely.

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more out more on how to manage and delete cookies, visit,

Statistical information that is gathered does not constitute “personal data” for the purposes of the GDPR and the Data Protection Act.

National Orthopaedic Hospital Cappagh is a Data Controller and must comply with certain important rules about how we collect and use personal data. All personal data processed by our Hospital is processed in accordance with the obligations under the GDPR and the Data Protection Act. National Orthopaedic Hospital Cappagh collects, stores and uses large amounts of personal data every day, such as medical or health data, which may be paper-based or held electronically.  We take our duty to protect your personal information and confidentiality very seriously and are committed to taking all measures to ensure it is held securely and only accessed by those with a need to do so.

The healthcare professionals caring for you keep records about your health and any treatment and care you receive.  These records help to ensure that you receive the best possible care and they may be written on paper and/or held on a computer.

Collected information may include:

  • Your name, address, date of birth, in case of emergency (I.C.E), phone number, GP details etc.
  • Information in relation to your appointments.
  • Notes and reports about your health, treatment and care.
  • Results of x-rays, scans, laboratory investigations and other relevant tests.

It is essential that we have accurate and up to date information about you so that we can give you the best possible care.  Please check that your personal details are correct whenever you visit us and inform us of any changes.  This minimises the risk of you not receiving important correspondence.

Information will only be kept on our systems for as long as required for the provision of health services. The hospital follows the HSE’s guidelines on the retention of healthcare records.

In general terms, your records are used to direct, manage and deliver your care so that:

  • Healthcare professionals have the information they need to assess and improve the quality and type of care and treatment you receive.
  • Appropriate information is available if you see another doctor, or are referred to a specialist.
  • Your concerns can be properly investigated if a complaint is raised.

We will retain your information for as long as necessary to provide you with services, and to comply with our legal and regulatory obligations.  The hospital follows the HSE’s guidelines on the retention of healthcare records.

  • Referral letter received by us.
  • Telephone call from external health providers.
  • Attendance at a clinic
  • Forms sent to patients prior to treatment to request information.
  • Admission to the hospital
  • Insurance form completed

We share information about you with others directly involved in your care and we also share more limited information for indirect care purposes; both of these are described below.

Direct care purposes:

We share information about you with other healthcare professionals directly involved in your care so that you may receive the best quality care.

Indirect care purposes:

We also use information we hold about you to:

  • Review the care we provide to ensure it is of the highest standard and quality.
  • Ensure our services can meet patients’ needs in the future.
  • Investigate patients’ queries, complaints and legal claims.
  • Ensure the Hospital receives payment for the care you receive where appropriate.
  • Prepare statistics on the Hospital’s performance from anonymised data.
  • Audit services
  • Undertake heath research that has been approved by the hospital’s Ethics committee. Anonymised data is used as a basis for research purposes.

There may be other circumstances when we must share information with other agencies.  In these rare circumstances we are not required to seek your consent.

Examples of this are:

  • TUSLA – Child & Family Agency where there are reasonable grounds for concern that a child may have been, is being or is at risk of being abused or neglected.
  • An Garda Siochana if the information is essential for the investigation of a serious crime.
  • If there is a concern that you are putting yourself or another person at risk of serious harm.
  • If we have been instructed to do so by a court
  • If your information falls within a category that needs to be notified for public health or other legal reasons, e.g. certain infectious diseases

Subject to your consent, we use your mobile telephone number(s) to remind you of your appointment details via text.  If you no longer wish to receive these reminders you can ‘opt out’ by contacting the Hospital where you can request your telephone number(s) to be removed from the service.

We employ surveillance cameras in and around the Hospital site in order to:
  • protect staff, patients, visitors and Hospital property
  • monitor operational and safety related incidents
We will only retain surveillance data for a reasonable period. In certain circumstances (serious or criminal incidents) we may need to disclose CCTV data for legal reasons.
For access to the full CCTV Data Protection Notice please follow the link here 

You have rights in relation to your personal data, as a data subject.

Important: These rights are subject to certain circumstances & restrictions.

Right of access:
You have the right to ask for access to the information that we hold about you. If you want to receive this information, then you can find details on how to do this on our Accessing Medical and Personal Records page link.

Right to rectification and data erasure:
You have the right to request inaccuracies of your personal data to be corrected.
You have the right to data erasure (also called the right to be forgotten).

Right to restriction of processing:
You have the right to restrict the use of your personal data

Right to object:
You have the right to object to the processing and automated decision making with/of your personal data.

Right to data portability:
You have the right to receive your personal data that you have provided to us in a ‘commonly used and machine-readable format’ and also for us to transfer that data to another controller for you when requested where  technically feasible.

Right to lodge a complaint:
You have the right to lodge a complaint with the Irish Data Protection Commission:
Data Protection Commissioner
Canal House, Station Road
R32 AP23
Co. Laois.

Visit the Data Protection Commission web-site  for more information.

If this privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

We welcome queries, comments or requests you may have regarding this privacy notice information.

Please contact our Data Protection Officer (DPO) at:
01 814 0447

Postal Address:
Data Protection Officer,
National Orthopedic Hospital Cappagh
Cappagh Road
Dublin 11
D11 EV29