Special rules apply to international transfers of personal data.
General Data Protection Regulation (GDPR) applies data protection rules across the European Economic Area (EEA). This includes all EU countries and Iceland, Liechtenstein and Norway. Transferring personal data to a destination outside the EEA (known as a third country) must comply with transfer mechanisms prescribed by GDPR.
- FAQs relating to Schrems II, new standard contractual clauses and HSE compliance requirements and glossary to FAQs
- Glossary of data protection terms
Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems
Documents
HSE Transfer Impact Assessment (TIA) form (Word, 84KB, 13 pages)
To request the Schrems compliance legal FAQ, and for queries, email:
For OoCIO international data transfer queries
- Chris Meehan, OoCIO Research and evidence office Chris.Meehan@hse.ie
- OoCIO helpdesk OoCIO.NationalServiceDesk@hse.ie
For regional queries (for projects or data processing involving international data transfers not under governance of OoCIO):
- West - Deputy Data Protection Officer ddpo.west@hse.ie
- Dublin North-East - Deputy Data Protection Officer ddpo.dne@hse.ie
- Dublin mid-Leinster - Deputy Data Protection Officer ddpo.dml@hse.ie
- South - Deputy Data Protection Officer ddpo.south@hse.ie
- National – DPO and Head of Data Protection dpo@hse.ie
For health research queries on international data transfers (for ethically-approved studies):
- Research and Development ResearchandDevelopment@hse.ie
- Research Ethics Committee Hse.rec@hse.ie
For legal issues or queries relating to completing the Transfer Impact Assessment (TIA), contact Office of Legal Services ols@hse.ie