Data Protection Acts (the Acts) require that personal data must be obtained for a
specified purpose, and must not be disclosed to any third party except in a manner
compatible with that purpose. The General Data Protection Regulation (GDPR) is a
European directive relating to data protection that was adopted on 27 April 2016 and
came into effect on 25 May 2018. It replaces the data protection directive from
1995.
medicalresearch.ie undertakes to uphold this principle and only to use or disclose the data
collected and held for purposes compatible with the Acts. medicalresearch.ie seeks to assure
users that their information will be treated strictly on a need-to-know basis by
staff.
medicalresearch.ie, stores data on a secure server. This data storage is in compliance with Section 2(b)
(vii) of the Acts that allows for the processing of sensitive data for medical purposes by health
professionals. This is the legal basis relied upon to process your data.
As teaching hospitals with significant academic interests, and belief in academic study
furthering medical knowledge and ultimately benefiting patients, we may use data generated on the site
for research purposes. These data will always be anonymised. The Acts provide that such
uses of data are permitted, even where the subject was not informed in advance,
provided that no damage or distress is likely to be caused to the individual.
The Acts permit us to pass on anonymised or aggregate data, from which individual
subjects cannot be identified. Should it be necessary to pass on individual data, including
identifying details, for research purposes, subject consent will be obtained, in advance.
As a data controller, the Director of Research may use a unique coding, which falls
short of actually identifying the subject, to allow data to be evaluated and undertakes to ensure
that any researcher should not be in a position to associate the dataset provided with an identifiable
individual or group.
medicalresearch.ie seeks to ensure that any personal data are secure and used only for administering
research, any other use will be specifically requested.
Your data are held in a secure database with restricted access. medicalresearch.ie will ensure the
protection of the confidentiality, integrity and security of all data provided to it. No
information will be disclosed if it is the view of medicalresearch.ie that to do so would be a
breach of GDPR. Data are kept for a minimum of 7 years for regulatory and auditing
purposes.