General Data Protection Regulation (GDPR)
Our GDPR Statement
The National Perinatal Epidemiology Centre (NPEC) processes data in operation of its national clinical audits. It is a data controller and is committed to complying with the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Bill (DPB) 2018.
The NPEC has an internal team with responsibility to assess the requirements of the GDPR and DPB and to plan a programme of work to achieve compliance. We are working with our partner organisations to ensure this work programme is delivered and we will subsequently revise our policies and procedures as appropriate in order to ensure continuing GDPR and DPB compliance.
Our work programme is comprised of:
• Policy Development: we are reviewing and developing our range of policies to ensure they meet GDPR and DPB standards.
• Data Inventory: we have undertaken an inventory of the data we process and control in order to ensure transparency regarding how personal data is used.
• Data Protection Officer (DPO): the NPEC is liaising with its Data Protection Officer, based in University College Cork, in order to deliver compliance.
• Individuals Rights: we are working to ensure we have policies and processes in place to guarantee individual’s rights.
• Data Protection Impact Assessments (DPIA): we will endeavour to ensure that DPIAs are embedded into our processes and undertaken where required.
• Supplier relationships: we are working to ensure that our third party suppliers are complying with the GDPR and DPB.
If you have any further queries about data protection in the NPEC, please contact Linda Drummond, firstname.lastname@example.org