Skip to main content

Data protection - HSE staff

Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data.

We must lawfully and fairly process personal data about service users, employees, suppliers and other individuals.

This page contains guidance and forms to help HSE staff in understanding the requirements of data protection regulation.

Policies and guidelines

HSE data protection policy

Data protection procedures for handling requests for access to records (PDF, 330KB, 8 pages)

Privacy Impact Assessment (PIA) process guidance (PDF, 213KB, 10 pages)

Data protection summary leaflet (PDF, 167KB, 2 pages)

Privacy notice employees (PDF, 380KB, 8 pages)

Privacy notice for patients and service users

General Data Protection Regulation (GDPR) - it's everyone's responsibility (PDF, 389KB, 10 pages)

Data breach guidance (PDF, 404KB, 6 pages)

Forms and template letters

Data breach incident reporting form (internal) (to be completed by HSE employees and their line manager). Refer to Data breach guidance (PDF, 404KB, 6 pages)

Data breach incident reporting form (external) (to be completed by data processors when notifying the HSE as a data controller)

Privacy Impact Assessment (PIA) form. Refer to Data protection procedures for handling requests for access to records (PDF, 330KB, 8 pages)

Subject Access Request (SARS) form (PDF, 76KB, 1page)

SARS form as gaeilge (PDF, 171KB, 1 page)

Data protection and GDPR template letters (Word, 51KB, 14 pages)


Request for rectification/erasure of personal data under GDPR (PDF, 209KB, 3 pages)

GDPR data disclosees (PDF, 141KB, 3 pages)

GDPR records of processing activities template (Excel, 3MB)

GDPR faqs (PDF, 178KB, 7 pages)

Subject Access Requests (SARS) poster (PDF, 221KB, 1 page)

Subject Access Requests (SARS) poster as gaeilge (PDF, 81KB, 1 page)

Data Protection Notice (Powerpoint, 495KB, 1 page)

GDPR Staff Notice (PDF, 110KB, 1 page)

Personal data in the HSE poster (PDF, 74KB, 2 pages)

Privacy poster (PDF, 179KB, 1 page)

Related topic

Reduce the risk of a data breach - guidance on safer use of email, handling paper records and protecting personal data


Data Protection Officer

Orlaith Magee, Acting DPO and Head of Data Protection


Area Data Protection Officers

Deputy Data Protection Officer West (excluding voluntary agencies)

  • CHO 1 – Cavan, Donegal, Leitrim, Monaghan, Sligo
  • Community Healthcare West – Galway, Mayo, Roscommon
  • Mid-West Community Healthcare – Clare, Limerick, North
  • Tipperary
  • Saolta Hospital Group

Phone: 091 775 373
Address: Consumer Affairs, Merlin Park University Hospital, Galway

Deputy Data Protection Officer Dublin North-East (excluding voluntary hospitals and agencies)

  • Midlands, Louth, Meath Community Health Organisation
  • Community Health Organisation Dublin North City & County
  • CHO 6 – Dublin South East, Dublin South and Wicklow
  • RCSI Hospital Group
  • National Children’s Hospital

Phone: Kells Office: 046 925 1265
Phone: Cavan Office: 049 437 7343
Address: Consumer Affairs, HSE Dublin North East, Bective St., Kells, Co Meath

Deputy Data Protection Officer Dublin mid-Leinster (excluding voluntary hospitals and agencies)

  • Dublin Midlands Hospital Group
  • Ireland East Hospital Group
  • Community Healthcare Dublin South, Kildare and West Wicklow

Phone: Tullamore Office: 057 935 7876
Phone: Naas Office: 045 920 105
Address: Hospital Campus, Arden Road, Tullamore, Co. Offaly

Deputy Data Protection Officer South (excluding voluntary hospitals and agencies)

  • Cork and Kerry Community Healthcare
  • CHO 5 – Carlow, Kilkenny, South Tipperary, Waterford, Wexford
  • UL Hospital Group
  • South South-West Hospital Group

Phone: Cork Office: 021 492 8538
Phone: Kilkenny Office: 056 778 5598
Address: Consumer Affairs, HSE South, Ground Floor East, Model Business Park, Model Farm Road, Cork T12 HT02

General Data Protection Guidance Regulation (GDPR)

Data Protection Commission

Health Research Board

European Data Protection Board statement

HSE Data Protection and Research

Page last reviewed: 04/11/2021
Next review due: 04/11/2024