The Data Protection Act 2018 (DPA 2018) is the Irish legislation that gives effect to certain aspects of the EU's GDPR in Ireland.
In particular, the DPA 2018:
- establishes the Data Protection Commission as the State's data protection authority with the means to supervise and enforce the protection standards enshrined in the GDPR (2016/679);
- gives further effect to the GDPR (2016/679) in the limited number of areas in which Member State flexibility is permitted;
- provides for the consequential amendment of certain other enactments; and to provide for related matters; and,
- repeals, for the most part, the previous Data Protection Acts 1998 and 2013.
The DPA 2018 together with the entry into force of the EU General Data Protection Regulation (GDPR) on 25th May 2018 modernises Ireland’s data protection laws in line with the data protection regime across the European Union.
The Data Protection Act 2018 can be viewed in full here.
This guidance has been prepared by the HRB to help researchers in the health domain comply with GDPR requirements.
It is intended to be general guidance for educational and informational purposes only.
It is not legal advice.