Back to All Events

GDPR and The Health Research Regulations

  • 5 CPD Hours Apex Building, Blackthorn Road Sandyford Business District D18 (map)

Role of GDPR when applied to healthcare research, the issue of consent
and how to apply the guidelines

In addition to GDPR and the Data Protection Act, which commenced May 25th 2018, the Health Research Regulations were signed in to law by ministerial order in August 2018. These pieces of law will have a significant impact on how healthcare research is conducted. 

Health research is an integral part of many organisations such as hospitals, general practice, academic institutions, disability services, mental health services, pharmaceutical companies, and bio-banks. All research must now be conducted in compliance with the relevant legislative and regulatory requirements.

Legal responsibility for compliance with these new Data Protection laws will lie with Data Protection Officers, Researchers, Principle Investigators and the organisations engaged in research. Research ethics committees will also have an oversight role. Failure to comply carries the potential of heavy fines and civil litigation.

Healthcare Research must consider many factors when processing personal information, the issue of explicit consent is an obstacle that many researchers are now faced with and it can be confusing to navigate.

This course will provide delegates with clear processes to follow when conducting health research to ensure compliance with the relevant law and guidelines. It will also provide guidance on constructing a DPIA for research purposes. It will clarify the roles of the processor and controller, how to classify which is covered under identifiable, pseudonymised or anonymous data. Delegates will also leave with an informative and invaluable course pack to refer back to. 

Course Content

  • Health Research Regulation, Data Protection Act 2018, GDPR and their impact on Health Research

  • The roles of the data processor and data controller 

  • The 7 principles of GDPR 

  • Knowing the difference between identifiable, pseudonymised or anonymous data

  • The lawful basis for processing data 

  • Conducting a research data risk assessment

  • The methodologies of DPIA 

  • The rights of the subject and how to inform them 

  • Consent 

  • What constitutes a GDPR compliant consent

  • Dealing with capacity issues and consent

  • Consent Declaration Committee

  • Transferring research data outside of the EU 

  • Ongoing Research and their obligations

  • Key risks and risk management 

  • Producing the DPIA report

Who Should Attend?

This course would be relevant to Data Protection Officers, researchers, data processors data controllers or responsible for the implementation and follow-through of your organisation’s Data Protection.


On completion you will receive your CMG MasterClass Certificate of Attendance as well as your CPD Certificate containing 5 Structured CPD Points. Please note certificates are issued only at the close of the training course to participants who complete the full 5 hours.


This training course costs €395 2nd EARLY-BIRD Rate (Normal rate €425).The price includes course documentation and training pack, teas and coffee, snacks, biscuits, fruit on arrival. Lunch is light fare containing freshly cut sandwiches, wraps, a selection of teas and coffee. Alternatively, you can avail of the local food stores and coffee shops within a one-minute radius of the training centre for hot food or alternative lunch options.