Principle 3 - Confidentiality
This principle is applicable to all sites, even if your site does not host patient records or store any medical or personal data.
Your site must describe its privacy policy regarding how you treat confidential, private or semi-private information such as email addresses and the content of emails received from or sent to your visitors.
You must inform your visitors whether their data will be recorded in your own database, who can access this database (others, only you, nobody), if this information is used for your own statistics (anonymous or not), or if these statistics are used by third party or other companies. You must also declare if your site uses cookies.
Even if one or more of these points are not relevant to your site, you must state how you handle the following information sent to you by your visitors: (email addresses or/and contact information, names, personal or medical data).
Note:
-In the section describing your privacy policy, mention for which countries the site undertakes to honour or exceed the legal requirements for medical/health information privacy.
Collaborative Websites:
The platform must have a privacy policy. It must underline the fact that everyone can read a post and use its content. It must be clearly stated if the platform user has the possibility to modify or erase his posts.
