General Data Protection Regulation (GDPR) 

Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data. You supply information about yourself to many organisations, including the HSE, in order to avail of services or satisfy obligations. For the purpose of Data Protection, such organisations or individuals who control the contents and use of personal data are known as Data Controllers.

The HSE as a Data Controller must adhere to the principles of data protection which are set out in the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988-2018. 

Furthermore the HSE must be able to demonstrate compliance with the above principles and respond to requests by individuals seeking to exercise their data protection rights (for example the right of access).