Data watchdog launches inquiry into Health Department s processing of personal data thejournal.ie - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from thejournal.ie Daily Mail and Mail on Sunday newspapers.
INM will not be hit with a fine or other regulatory sanction despite the Data Protection Commission (DPC) making a number of findings against the company in relation a 2014 data breach.
The DPC said the company s actions in a data security incident at the heart of the probe were not in compliance with data protection law.
The lack of fine or other penalty is because the case dated before the introduction of the tough General Data Protection Directive (GDPR), the DPC said.
The case dates back to 2014 when data relating to a number of former and then current staff at INM, including journalists and executives as well as external advisors, was allegedly removed from the company s premises and interrogated by outside contractors at the direction of then INM chairman Leslie Buckley.
To print this article, all you need is to be registered or login on Mondaq.com.
The Data Protection Act 2018 (Section 36(2)) (Health Research)
Regulations 2018 (S.I. No. 314/2018) (the
Health
Research
Regulations ), which
contain stringent rules in relation to the collection, use and
sharing of personal data for health research purposes, have been
amended by the Minister for Health by way of the Data Protection
Act 2018 (Section 36(2)) (Health Research) (Amendment) Regulations
2021 (the
2021 Regulations ).
As discussed in a 2019 briefing on the Health Research
Regulations (available here) The
Department of Health had identified retrospective chart reviews,
pre-screening for the purpose of assessing eligibility/suitability
INTRODUCTION
We at IMAGE Publications Limited (“Image”) respect your right to privacy and comply with our obligations under EU Legislation and the Data Protection Acts 1988 to 2018 (“the Acts”). Image Publications Limited, of Unit 3, Block 3, Harbour Square, Crofton Road, Dun Laoghaire, and County Dublin is a Data Controller as defined in the Acts. The purpose of this Website Privacy Policy is to outline how we deal with any personal data you provide to us while visiting this website. Naturally, if you are not happy with this Website Privacy Policy you should not use this website. We are not responsible for the content or the privacy policies of other websites, which may be referenced or linked to on this site.
25 January 2021 Matteo Bruno Freelance Lawyer To print this article, all you need is to be registered or login on Mondaq.com. Do you want to compare other jurisdictions?. Click here
1 Legal and enforcement framework
1.1 Which legislative and regulatory provisions govern data privacy in your jurisdiction?
Since 25 May 2018, the EU General Data Protection Regulation (2016/679) (GDPR) is the main legal framework for data protection in all countries within the European Economic Area, which includes EU member states, Iceland, Norway and Lichtenstein.
In Ireland, the national law that gives further effect to the GDPR is the Data Protection Act 2018 (DPA 2018), which entered into force on the same day as the GDPR. The DPA 2018, in addition, transposed the EU Law Enforcement Directive (2016/680) (LED) into Irish law and provided for the necessary amendments to the previous data protection framework