Beaumont Hospital Data Protection Impact Assessment for Research and Clinical Trials, released in May 2020

The Beaumont Hospital Deputy Data Protection Officer (DDPO) released a DPIA for Research and Clinical Trials in May 2020 (V4.0)

ADOBE READER was required to populate this form.

As some applicants were having difficulties saving populated forms, a Microsoft Word version (V5.0) was made available for use by the DDPO in January 2021. The Microsoft Version is Version 5.0, and available here

Either version of the form may be submitted. Please ensure all questions are answered and have saved.

A DPIA is required if at least two of these 10 criteria are reached:
  1. Evaluation or scoring- especially to do with someone's work performance or health e.g. a biotechnology firm offering genetic testing to customers in order to predict disease/health risks;
  2. Automated-decision making with legal or similar effect - the processing may lead to discrimination or exclusion;
  3. Systematic monitoring - e.g. cctv in a public space;
  4. Sensitive Data- e.g. health data, genetic data and all article 9 special categories of data;
  5. Data Processing on a large scale;
  6. Datasets that have been matched or combined;
  7. Data concerning vulnerable data subjects - power imbalance between data controller and data subject e.g. patients,children, the elderly, employees, persons with disabilities;
  8. Innovative use or applying technological or organisational solutions - e.g. fingerprint or facial recognition;
  9. Data transfer outside the EU;
  10. Where the processing itself prevents a data subject from accessing a service- e.g. credit screening by banks to decide whether to give someone a loan.

In terms of health research, criteria 4 & 7 nearly always apply, and sometimes 1,5 & 9 also.

Beaumont Hospital

As a result,

a DPIA is required in respect of all research and clinical trials taking place in Beaumont Hospital which involve the processing of personal data for health research.

  • Researchers applying for local research ethics committee approval from the local research ethics committee in Beaumont Hospital submit the DPIA to the Beaumont Hospital Ethics (Medical Research) Committee as part of the submission process -

North Dublin Mental Health Services

Aislin Centre (acute psychiatry in-patient unit located on the Beaumont Hospital Campus and operated by the HSE)

Please note that if you are conducting a research study in the HSE North Dublin Mental Health Services, that a template Data Protection Impact Assessment for Research is being drafted by the HSE Research and Development Department - see website notice here. The HSE Data Protection Officer is the relevant DPO for research taking place in the Aislin Centre (i.e. not the Beaumont Hospital DPO), and the HSE Data Protection Officer and Deputy Data Protection Officer details are here. HSE Researchers applying to the Beaumont REC, and proposing to conduct in-patient research in the Aislin Centre may submit the general HSE Privacy Impact Form (June 2019) as part of their submission to Beaumont Ethics - See PIA Process Guidance (June 2019) for assistance.