Papers on GDPR, and the Health Research Regulations

The Health Research Regulations (HRRs) were signed into Irish law on the 8th August 2018, and have had a significant impact on the conduct of research in the Republic of Ireland, as outlined in the following paper:

  • Blanaid Mee et al (July 2020) What GDPR and the Health Research Regulations (HRRs) mean for Ireland: a research perspective


The following editorial explains some key points in relation to GDPR itself:

  • Rik Crutzen et al (May 2019) Why and how we should care about the General Data Protection Regulation

The following article outlines how the HRRs differ from GDPR, and includes a comprehensive legal review:

  • Mary Kirwan et al (July 2020) What GDPR and the Health Research Regulations (HRRs) mean for Ireland: 'explicit consent' - a legal analysis



The Department of Health has -

  1. been considering a number of possible amendments to the HRRs - See press release (8 April 2019) Possible amendments to health research regulations - matters under consideration by the Department of Health


  2. already amended the HRRs to extend the transition period - See press release (29 April 2019) Update: Amendment to Regulation 6 (30th April deadline for explicit consent)


  3. negotiated an informal concession arrangement to allow for the conduct of retrospective chart reviews without the need for 'explicit consent' - See press release (30 April 2019) Retrospective chart reviews


  4. defended the HRRs and argued the case for 'explicit consent' - See Department presentation (25 Nov 2019) GDPR and Health Research Regulations - where we are and why we're there.

    This presentation was given at an Irish Academy of Medical Science (IAMS) Public Meeting - IAMS had commissioned a review of the HRR in 2018, as follows:



In summary, the HRRs have had a significant impact on the conduct of health research in Ireland. Amendments are anticipated, and a full review has been requested.

The lack of harmonisation among EU Member States in relation to GDPR and scientific research has been identified as a cause of concern in the European Commission's 2 year review of GDPR.