General Data Protection Regulation
HSeLanD has been working extensively in the lead up to the GDPR compliance deadline of May 25th 2018. As a valued member of HSeLanD we are obligated to provide a mechanism for you to be able to contact us if you have any queries or quests in relation to your data.
Please do not use the below facility to report issues such as login difficulties or technical issues. For this type of query or support, please refer to the Help section on the HSeLanD homepage.
If you wish to make a GDPR related request or query, please complete and submit in the provided facility here.
Frequently Asked Questions
Below are some FAQ's in relation to HSeLanD position on GDPR principles.
1. What is GDPR?
The EU’s General Data Protection Regulation (GDPR) was introduced to unify all EU member states' approaches to data regulation, ensuring all data protection laws are applied identically in every country within the EU.
The GDPR governs how the personal data of individuals in the EU may be processed and transferred. It requires organisations who are processing personal data to take responsibility for their processing of personal data and how they comply with the GDPR, and to be able to demonstrate their compliance.
The GDPR came into force on 25 May 2018.
2. What is the lawful basis for HSeLanD processing my data?
Under Article 6 of GDPR the following lawful basis for processing data applies:
Legitimate interests: the processing shall be lawful if it is necessary for the purposes of the legitimate interests pursued by the controller, in this case the HSE, or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
Through HSeLanD, the HSE processes personal data relating to corresponding training records to comply with its legitimate interest to provide employee training details to various organisations and employers within the Irish Health Services and in ultimately serving the legitimate interest of its clients and service users.
3. What are my individual rights - to be informed?
Under GDPR Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR.
Details of this can be viewed in our Privacy policy located in HSeLanD’s footer and also is presented at sign-up and profile registration update.
If at any time any change in conditions to your individual rights are made, you will be informed and presented with this information.
4. What are my individual rights - of access?
Under GDPR Individuals must have the right to access their personal data.
This is commonly referred to as a Data Subject Access Request (DSAR).
Individuals can make a subject access request by using the submission form opposite. (Select Subject – Individual access request)
HSeLanD has one month to respond to a request.
There is no charge or fee to deal with a request in most circumstances.
As stated, you have the right to request a copy of the information that we hold about you.
However, all of the information we hold about you is fully transparent and available to you by simply logging onto HSeLanD.ie. Access in HSeLanD is provided for you to run, print or download a (Machine transferable) report of all your personal data held within HSeLanD.
5. What are my individual rights - to data portability?
GDPR states that you have a right to data portability, allowing individuals to obtain and reuse their personal data for their own purposes across different services.
HSeLanD Provides access for you to run, print or download a report of all your personal eLearning, classroom & profile data within HSeLanD.
This will allow you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.
6. What are my individual rights - to restrict processing?
GDPR states that Individuals have the right to request the restriction or suppression of their personal data.
This is not an absolute right and only applies in certain circumstances.
If an individual has a wish to challenge this, you can do this by using the submission form opposite. (Select Subject – Restrict processing request)
HSeLanD has one calendar month to respond to a request.
This right has close links to the right to rectification (Article 16) and the right to object (Article 21).
7. What are my individual rights - to rectification?
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.
If you have a query or request in relation to the accuracy of your data, please submit by using the submission form opposite. (Select Subject – Rectification request)
HSeLanD has one calendar month to respond to a request.
In certain circumstances we can refuse a request for rectification. However, we will explain any such decision to you directly.
This right is closely linked to the controller’s obligations under the accuracy principle of the GDPR (Article (5)(1)(d)).
8. What are my individual rights - to erasure?
The GDPR introduces a right for individuals to have personal data erased.
The right to erasure is also known as ‘the right to be forgotten’.
Individuals can make a request for this by using the submission form opposite. (Select Subject – Right to be forgotten)
HSeLanD has one month to respond to your request.
Please note in HSeLanD’s case the aforementioned right is not absolute, we will review and revert in regard to your request, however HSeLanD follows the HSE’s policy regarding record retention, which states that electronic files should be retained for seven years after the employees’ term of service has completed.
9. How can I get access to learning and development reports for my organisation?
Access to HSeLanD data is strictly controlled and only available through a limited number of authorised personnel in each organisation.
All requests for HSeLanD data pertaining to Learning and Development reports are assessed for GDPR compliance.
You can request access to this Data by using the submission form opposite. (Select Type - Data Provision Authorisation).
Your request will be reviewed by a member of the HSeLanD team and dealt with appropriately either by referring you to the appropriate pre-authorised HSeLanD Designated Data Manager for your service or you will be provided with a form to complete.
The information in this form will be used in the administration of your data enquiry in line with our responsibilities under all applicable Data Protection laws. It will be treated as confidential and will not be supplied to any third party.
10. What is the HSeLanD cookie & privacy policy?
The HSELanD Cookie and Privacy Policy provides you with information on what personal data we process relating to you. It also provides you with information on what rights you have in relation to this processing and how you can exercise them. You can access it in the footer of the HSeLanD homepage.
11. Can I change my cookie preferences?
There are some strictly necessary cookies which cannot be changed as they are required for HSeLanD to function. However you can set your preference in relation to Performance and Analytical cookies by linking on the link in the footer of the HSeLanD website.