Skip to main content

Warning notification:Warning

Unfortunately, you are using an outdated browser. Please, upgrade your browser to improve your experience with HSE. The list of supported browsers:

  1. Chrome
  2. Edge
  3. FireFox
  4. Opera
  5. Safari

International transfer of personal data

Special rules apply to international transfers of personal data.

General Data Protection Regulation (GDPR) applies data protection rules across the European Economic Area (EEA). This includes all EU countries and Iceland, Liechtenstein and Norway. Transferring personal data to a destination outside the EEA (known as a third country) must comply with transfer mechanisms prescribed by GDPR.

Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems


HSE Transfer Impact Assessment (TIA) form (Word, 84KB, 13 pages)

To request the Schrems compliance legal FAQ, and for queries, email:

For Technology and Transformation international data transfer queries

For regional queries (for projects or data processing involving international data transfers not under governance of Technology and Transformation):

For health research queries on international data transfers (for ethically-approved studies):

For legal issues or queries relating to completing the Transfer Impact Assessment (TIA), contact Office of Legal Services

Related link

Data Protection Commission: transfers of personal data to third countries or international organisations