- Back to Data Protection
- GDPR Overview
- Key GDPR Changes
- Data Protection Notice
- UCC's GDPR Project
- Individual Rights
- Data Security Breaches
- Privacy by Design & Default
- Data Protection Impact Assessments (DPIA's)
- Frequently Asked Questions
- Training and Resources
- Data Protection Policy
What is GDPR
The General Data Protection Regulation (GDPR) comes into force across the EU on 25th May 2018. It will replace the current Irish Data Protection Acts, 1988 and 2003.
It standardises and strengthens the right of all European Citizens to data privacy. GDPR emphasises transparency, security and accountability for organisations that collect, use, share and store personal data. At the centre of the new law is the requirement for organisations to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities.
While many of the main concepts and principles of GDPR are much the same as those in our current Data Protection Acts, GDPR introduces new elements and significant enhancements which UCC is required to accommodate.
Why is GDPR Important
UCC is an organisation that processes significant amounts of personal data about its students, staff, research participants, and many others. People are increasingly aware of their rights and expect organisations like UCC to protect their personal data.
The GDPR very significantly increases the obligations and responsibilities for organisations like UCC in how we collect, use and protect personal data. At the centre of the new law is the requirement for organisations to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities.
What this means for UCC
The UCC Data Protection project 2012/2013 enabled the University to comply with the current Data Protection Acts. A project to enable GDPR compliance is now underway which builds on this solid foundation.
The Irish Data Protection Commissioner has specified the following 12 steps to achieve compliance with GDPR and the UCC GDPR project reflects this approach.