General Data Protection Regulation (GDPR)

The new EU wide General Data Protection Regulations (GDPR) came into effect on Fri 25th May 2018. The primary purposes of the GDPR are;

  • to harmonise data protection regulations across the EU
  • to provide greater safeguards and rights to individuals with regards to their personal data
  • to increase data controllers and data processors responsibilities in terms of transparency, security and accountability
  • to significantly increase the obligations and responsibilities for organisations and businesses in how they collect, use and protect personal data

The legal entity for GDPR is the HSE and Cork University Hospital follows the policies, procedures and guidelines of the HSE with regards to GDPR.


The HSE, as a public service organisation, is obliged to appoint a Data Protection Officer (DPO)

Mr. Joe Ryan is the HSE DPO – contact details for the HSE DPO and the regional Deputy DPO as follows;

  • Mary Deasy
    DDPO HSE South
    T - 021 - 4928538

Relevant HSE Policies & procedures can be viewed here and here

Any specific queries in relation to Cork University Hospital, including ‘subject access requests’ can be emailed to and any data protection queries can be emailed to

Further general information around the GDPR is available from