- Online 'UCD Data Privacy & Security Training' - UCD provides online training for employees. More information on how to access the 'Data Privacy & Security Training' in Brightspace is available (opens in a new window)here*.
- In addition to the online training provided on Brightspace, UCD offers training and workshops face-to-face or e.g. via Zoom. Details and dates are advertised through UCD communication channels.
- (opens in a new window)UCD Privacy Talks January 2023 - GDPR Presentations* (UCD Log-on required)
Further Information/Document Links
[* These documents are available via the UCD Connect log-on]
- (opens in a new window)UCD Short Guide on collecting personal data *
- (opens in a new window)UCD Short Guide on writing privacy notices *
- (opens in a new window)UCD Short Guide on data sharing & collaborating *
- (opens in a new window)UCD Short Guide on classifying personal data *
- (opens in a new window)UCD Short Guide to retention of personal data *
- (opens in a new window)UCD Short Guide to Records of Processing Activities (ROPAs) *
- (opens in a new window)UCD Short Guide to DPIAs & Risk Assessments for Low-Risk Projects (including all relevant links and templates)*
- (opens in a new window)UCD - Balancing test / LIA (Legitimate Interest Assessment) Template*
- (opens in a new window)UCD Data Protection ‘PASSPORT’ for Research Projects - Practical tips for UCD researchers *
- (opens in a new window)HRDPN - PRACTICAL GUIDE ON DATA PROTECTION FOR HEALTH RESEARCHERS
- (opens in a new window)UCD Short Guide to Research Project Supervisors know-how*
- (opens in a new window)UCD Short Guide to Research Project Compliance*
- (opens in a new window)UCD - Data Protection Checklist for the selection and acquisition of third party (digital) tools*
- Guide for Deploying Digital Solutions in UCD
- (opens in a new window)UCD - FAQs to Transfer Impact Assessments (TIAs) *
- (opens in a new window)UCD - Template for (international) Transfer Assessment (TIA) / Transfer Risk Assessment (TRA)*
- UCD Cloud Computing Guidance
- UCD IT Security Cloud Security Checklist
- (opens in a new window)UCD Incident Response Flow Chart*
- (opens in a new window)UCD Personal Data Incident & Breach report Form (word) *
- (opens in a new window)UCD sample template for personal data breach notification to affected individuals*
- (opens in a new window)Managing Breaches when Working Remotely*(short video)
- (opens in a new window)UCD Personal Data Protection Incident & Breach Management Guidance*
- (opens in a new window)UCD - Get the Basics Right - Simple steps to avoid data breaches *
- (opens in a new window)UCD - Get the Basics Right - Common Terminology *
- (opens in a new window)UCD - Get the Basics Right - FAQs by Schools regarding Students *
- (opens in a new window)UCD Short Guide to taking images & videos for UCD *
- (opens in a new window)Example of a UCD video/image consent form *
- DPC - (opens in a new window)What is personal data?
- DPC -(opens in a new window) Principles of Data Protection
- DPC - (opens in a new window)Full Guidance on the Principles of Data Protection
- DPC - (opens in a new window)Children Front and Centre- Fundamentals for a Child-Oriented Approach to Data Processing
- EC - (opens in a new window)Ethics and data protection [in scientific research, including H2020]
- DPC - (opens in a new window)Anonymisation and pseudonymisation
- AEDP&EDPS - (opens in a new window)10 Misunderstandings related to ANONYMISATION
- DPC - (opens in a new window)Controller-Processor Relationships
- DPC - (opens in a new window)A Practical Guide to Controller-Processor Contracts: Full Guidance Note
- EC - (opens in a new window)Standard contractual clauses between controllers and processors under Article 28(7)
- EDPB -(opens in a new window)Guidelines on the concepts of controller and processor in the GDPR
- DPC - (opens in a new window)Legal Bases Infographic
- DPC - (opens in a new window)Guidance on Legal Bases for Processing Personal Data
- DPC - (opens in a new window)Full Guidance on Legal Bases for Processing and Data Subject Rights
- ICO - (opens in a new window)What is the 'legitimate interests' basis?
- EDPB -(opens in a new window)Guidelines on Consent
- DPC - (opens in a new window)Risk based approach of GDPR
- DPC - (opens in a new window)Data protection by design and default
- EDPB -(opens in a new window)Guidelines on Data Protection by Design and by Default
- EDPS -(opens in a new window)Quick-guide to necessity and proportionality
- DPC - (opens in a new window)Guide to Data Protection Impact Assessments: Full Guidance Note
- DPC - (opens in a new window)Data Processing Operations which require a Data Protection Impact Assessment
- EDPB - (opens in a new window)Guidelines on the territorial scope of the GDPR
- EDPB - (opens in a new window)Guidelines on Interplay between Article 3 and the provisions on international transfers as per Chapter V of the GDPR
- DPC - (opens in a new window)Transfers of Personal Data to Third Countries or International Organisations: Full Guidance Note
- EDPB - (opens in a new window)2018 Guidelines on Art. 49 Derogations
- EC - (opens in a new window)Standard contractual clauses for the transfer of personal data to third countries (for GDPR Article 46)
- EDPB - (opens in a new window)Measures to supplement transfer tools to ensure compliance with the EU level of protection of personal data
- EDPB - (opens in a new window)European Essential Guarantees for surveillance measures
- DPC - (opens in a new window)Guidance for Controllers on Data Security
- DPC - (opens in a new window)General Portable Storage Device Recommendations
- DPC - (opens in a new window)Full Guidance on General Portable Storage Device Recommendations
- DPC - (opens in a new window)Protecting Personal Data When Working Remotely
- DPC - (opens in a new window)Securing Cloud-based Environments
- DPC -(opens in a new window) Full Guidance on Five Steps to Secure Cloud-based Environments
- DPC -(opens in a new window) (opens in a new window)Full Guidance for Organisations Engaging Cloud Service Providers
- (opens in a new window)https://haveibeenpwned.com/- check if you have an email account that has been compromised in a data breach by entering your email address into: (opens in a new window)https://haveibeenpwned.com/
- Check which third-party apps you gave permission to access your Google Drive by logging into your Google Account entering the link: https://myaccount.google.com/permissions
- (opens in a new window)GDPR Guidance for Health Researcher
- EC - (opens in a new window)Ethics and data protection [in scientific research, including H2020]
- (opens in a new window)HRDPN - PRACTICAL GUIDE ON DATA PROTECTION FOR HEALTH RESEARCHERS
- EDPB -(opens in a new window)Guidelines on Consent
- (opens in a new window)HSE - National Policy for Consent in Health and Social Care Research
- (opens in a new window)Health Research Regulations 2018 (HRR)
- (opens in a new window)Health Research Regulations - 2021 Amendments
- (opens in a new window)#1 Guidance on Explicit Consent Amendment
- (opens in a new window)#2 Guidance on Pre-screening Amendments
- (opens in a new window)#3 Guidance on Retrospective Chart Review Amendments
- (opens in a new window)#4 Guidance on Deferred Consent Amendments
- (opens in a new window)#5 Guidance on Informed Consent under EU Directive Amendments
- (opens in a new window)#6 Guidance on Appeals and Technical Amendments
- (opens in a new window)Health Research Consent Declaration Committee
- (opens in a new window)Health Research Declaration - FAQs
- (opens in a new window)Department of Health - Guidance on Information Principles for Consent
- (opens in a new window)HRCDC Decision Flow Chart for whether a declaration is required or not
- (opens in a new window)EDPB - Questions and Answers on the interplay between the Clinical Trials Regulation (CTR) and the General Data Protection regulation (GDPR)
- (opens in a new window)EDPB - Clarifications on the consistent application of the GDPR, focusing on health research
- DPC - (opens in a new window)Children Front and Centre- Fundamentals for a Child-Oriented Approach to Data Processing
- EDPB - (opens in a new window)ePrivacy interplay with GDPR
- DPC - (opens in a new window)Rules for Direct Electronic Marketing
- DPC - (opens in a new window)FAQ on Consent for Electronic Direct Marketing
- DPC - (opens in a new window)Deep Dive into DPC's Cookies Sweep
- DPC - (opens in a new window)Guidance on Cookies and Similar Technologies