Fears that the NHS Choices website is allowing data about visitors to be gathered by social networking sites and third party firms, have been voiced to the Information Commissioner’s Office (ICO), which has begun investigating the claims.
Analysis of the privacy policy which governs visitors to the site shows that anyone who lands on a page that has a Facebook element embedded, will have data relating to their visit and actions harvested.
In particular the specific time and date, along with the page visited, browser used and operating system installed on the visitors PC, will be taken by Facebook. IP address information will also be gathered, according to reports, with those who are simultaneously logged into the social networking site having their profiles directly linked to this data.
A statement from the Department of Health explained that the data was being harvested in order to improve the way that the NHS Choices site operates, based on how users are accessing its pages and services.
The ICO spoke to V3.co.uk and said that health-related details were essentially the definition of personal, private data. It explained that it had requested for the NHS to provide details as to whether third party organisations would be privy to the specific health data accessed by each user.
Privacy expert, Mischa Tuffield, said that although the NHS Choices privacy policy pointed out that certain pages with obvious Facebook elements would harvest data about users, in her experience, this was not entirely accurate since other pages which should not be included under this definition had still been shown to send data back to the social networking site.
Tuffield said that although the NHS was within its rights to improve services both online and off by gathering user data, it should also give consideration to the privacy of its customers.
The Department of Health has dismissed claims that it has breached the terms of the Data Protection Act with the data harvesting activities of the NHS Choices website.
It said that such eventualities are brought about because of the way in which Facebook operates, not the site itself, with advice for future users being that they should sign out of Facebook before visiting, to avoid being monitored.