HSELanD has been working extensively in the lead up to the GDPR compliance deadline of May 25th 2018. As a valued member of HSELanD we are obligated to provide a mechanism for you to be able to contact us if you have any queries or quests in relation to your data.
Please do not use the below facility to report issues such as login difficulties or technical issues. For this type of query or support, please refer to the Help section on the HSELanD homepage.
Below are some FAQ's in relation to HSELanD position on GDPR principles.
The EU’s General Data Protection Regulation (GDPR) was introduced to unify all EU member states' approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU.
GDPR protects EU citizens from organisations using their data irresponsibly and puts them in charge of what information is shared, where and how it's shared.
The GDPR is due to come into force on 25 May 2018, it will still apply to all businesses handling EU residents' data, effectively replacing the Data Protection Act 1998.
Under Article 6 of GDPR the following lawful basis for processing data applies:
Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
HSELanD processes personal data relating to corresponding training records to comply with its legitimate interest to provide employee training details to various organisations and employers within the Irish Health Services and in ultimately serving the legitimate interest of our clients and service users.
Under GDPR Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR.
Under GDPR Individuals must have the right to access their personal data.
As stated, you have the right to request a copy of the information that we hold about you.
However, all of the information we hold about you is fully transparent and available to you by simply logging onto HSELanD.ie. Access in HSELanD is provided for you to run, print or download a (Machine transferable) report of all your personal data held within HSELanD.
GDPR states that you have a right to data portability, allowing individuals to obtain and reuse their personal data for their own purposes across different services.
GDPR states that Individuals have the right to request the restriction or suppression of their personal data.
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.
The GDPR introduces a right for individuals to have personal data erased.
Please note in HSELanD’s case the aforementioned right is not absolute, we will review and revert in regard to your request, however HSELanD’s position is that of its funder (HSE) which clearly sets out in its HSE Records Retention Policy of 2013 HR Section P 38 that all training records in both hard copy and electronic format are to be retained’ indefinitely’ Training records ‘per se’ require the personal data as identifiers.
Access to HSeLanD data is strictly controlled and only available through a limited number of authorised personnel in each organisation.
All requests for HSELanD data pertaining to Learning and Development reports are assessed for GDPR compliance.