Skip to main content

Warning notification:Warning

Unfortunately, you are using an outdated browser. Please, upgrade your browser to improve your experience with HSE. The list of supported browsers:

  1. Chrome
  2. Edge
  3. FireFox
  4. Opera
  5. Safari

Compliance Obligations Register

The HSE Compliance Obligations Register (COR) is a list of statutory, regulatory, and policy obligations that HSE employees must comply with to ensure that HSE services meet high standards for quality and value to the public.

Failure to comply with these obligations undermines public and stakeholder trust in the HSE.

The current COR has about 450 external obligations and over 800 internal obligations (policies, procedures, protocols, and guidelines). The COR will be updated quarterly so that the HSE is aware of any new or changing compliance requirements.

The COR is a valuable resource for HSE employees, particularly those involved in compliance, risk management, audit, and governance.

Why implement a COR?

We must keep a record of compliance obligations to meet regulatory requirements.

A compliance obligations register improves:

  • risk management - by addressing legal and regulatory risks
  • compliance - by identifying which laws and regulations apply to the organisation
  • efficiency - by reducing the time and resources needed to track, document, and report on compliance-related tasks, allowing resources to be directed to the right activities
  • accountability - by effectively managing and tracking obligations to ensure compliance, and owners of principal obligations are identified
  • collaboration between teams and departments - by interactions associated with the register

Compliance Obligations Register Q1 2025

The register contains an overview of HSE obligations (internal and external).

HSE Compliance Obligations Register Q1 2025 (PDF, 944 KB, 14 pages)

Internal obligations (pages 2-9)

Internal obligations include policies, protocols, procedures, guidelines, and HR circulars designated as PPPGs. There are currently over 800 items on the internal register. These obligations are listed in chronological order based on when they were enacted. Many of these PPPGs exist to ensure that the organisation meets its external obligations.

External obligations (pages 10-14)

External obligations include laws, regulations, public policy and directives. Approximately 450 external obligations are currently listed.

Latest updates to the COR

Internal obligation additions in Q1 2025

  • HSE Multi-Factor Authentication Policy (MFA)
  • HSE Patch Management Policy
  • HSE IT Security Audit Logging Policy
  • HSE Virus and Malware Protection Policy
  • HSE Identity and Access Management Policy
  • HSE IT Security Policy Glossary
  • HSE Cyber Security Awareness Training Policy
  • HSE Equipment Sanitation and Disposal Policy
  • HSE ICT Asset Management Policy
  • HSE ICT Disaster Recovery Policy
  • HSE ICT Physical and Environmental Security Policy
  • HSE Network Security Policy
  • HSE Software Policy
  • HSE IT Security Exceptions Policy
  • HSE National Policy on Reimbursement of Expenses for Patient and Service User Partners
  • HSE School Hearing Screening Procedure
  • HSE National Clinical Guideline General Principles in the Management of Paediatric Diabetic Ketoacidosis
  • HSE National Clinical Guideline Management of Paediatric Type 1 Diabetes Patient with a HbA1c greater than 75mmol per mol
  • HSE HR Circular 001 2025 Revision of allowance rates for training in management of Aggression and Violence
  • HSE HR Circular 002 2025 HSE Policy on Fraud and Corruption 2025
  • HSE HR Circular 003 2025 Revision of Domestic Subsistence Rates
  • HSE HR Circular 004 2025 Application of 1 March 2025 Pay Scales
  • HSE HR Circular 005 2025 Payment of Clinical Placement Allowances to Undergraduate Supernumerary Nursing and Midwifery Students
  • National Policy for Child Safeguarding and Wellbeing within Adult Mental Health Services

Internal obligations withdrawn in Q1 2025

  • National Guideline Webinar Toolkit 2023

Internal obligations revised in Q1 2025

  • HSE Password and Passcode Policy
  • HSE Remote Access Policy
  • HSE Information Technology (IT) Security Policy
  • HSE Encryption Policy
  • Policy on Fraud and Corruption (Version 6)
  • National Clinical Guideline - Diagnosis and staging of patients with Prostate Cancer
  • Visual Identity and Naming Guidelines For HSE and Funded Agencies

External obligation additions in Q1 2025

  • Health and Social Care Professionals Act 2005
  • Value-Added Tax Consolidation Act 2010
  • Finance (Local Property Tax) Act 2012
  • SI 1/2025 - Health Act 2007 (Care and Welfare of Residents in Designated Centres for Older People) (Amendment) Regulations 2025
  • SI 2/2025 - Physiotherapists Registration Board Application for Registration Bye-Law 2025
  • SI 3/2025 - Physiotherapists Registration Board Conditions for Registration in the Referral for Radiological Diagnostic Procedures Division Bye-Law 2025
  • SI 16/2025 - European Union (Restrictive Measures against Cyber-attacks threatening the Union or its Member States) Regulations 2025
  • SI 34/2025 - Occupational Pension Schemes (Revaluation) Regulations 2025
  • SI 56/2025 - Building Control (Amendment) Regulations 2025
  • SI 91/2025 - Nursing Homes Support Scheme Act 2009 (Relevant Payments) Regulations 2025

Adding an obligation to the COR

The COR aims to provide a comprehensive list of HSE obligations. We cannot guarantee that all obligations have been included due to the large number of obligations that apply to an organisation of this size.

If you have an obligation to include in the COR or identify an obligation for removal email central.compliancefunction@hse.ie

Contact

Email: central.compliancefunction@hse.ie

Back to Procedures and guidelines