This page will help to inform you about how The Mater Hospital uses and protects personal data.

The European General Data Protection Regulation (GDPR) is now in force and this page will be updated regularly to provide information and guidance on how our hospital is complying with Data Protection Law.

At the Mater Hospital we are committed to the principles of transparency, accountability and security of the Data Protection Acts 1988 to 2018 and the General Data Protection Regulation (GDPR). We have put in place appropriate technical and organisational measures to ensure and to be able to demonstrate that our data processing is compliant.


The General Data Protection Regulation (GDPR) replaces the old data protection laws in the European Union. The GDPR gives individuals greater control over their personal data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by organisations. The GDPR also imposes obligations on organisations that collect personal data.

GDPR is based on the core principles of data protection. These principles require organisations and businesses to:

  • collect no more data than is necessary from an individual for the purpose for which it will be used
  • obtain personal data fairly from the individual by giving them notice of the collection and its specific purpose
  • retain the data for no longer than is necessary for that specified purpose
  • to keep data safe and secure
  • provide an individual with a copy of his or her personal data if they request it

Under the GDPR individuals have the significantly strengthened rights to:

  • obtain details about how their data is processed by an organisation or business
  • obtain copies of personal data that an organisation holds on them
  • have incorrect or incomplete data corrected
  • have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data
  • obtain their data from an organisation and to have that data transmitted to another organisation (Data Portability)
  • object to the processing of their data by an organisation in certain circumstances
  • not to be subject to (with some exceptions) automated decision making, including profiling

Personal data is any information that can identify an individual person. This includes a name, an ID number, a postal address, online browsing history, images or anything relating to the physical, physiological, genetic, mental, economic, cultural or social identity of a person.

A data controller is a person, or group of people, who determines the purposes and means of processing of personal data. The Mater Hospital is a data controller.

The GDPR provides the following rights for individuals:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure/right to be forgotten
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling

The Data Protection Commissioner has a useful Guide to the Rights of Individuals under the General Data Protection Regulation (GDPR) available here.

Yes, you can see your information on request. Just contact us by email at or phone 01 803 4311. Alternatively, you can fill out our Subject Access Request Form. We will need to confirm your identity before we release the information.

If you are unhappy with our response to your request, you can contact the Data Protection Commission:
Data Protection Commission
Canal House
Station Road
Co. Laois

Tel: 1890 252 231

Information on how and why we process your personal data online is available in our web privacy notice. The Mater Hospital follows best practice in order to protect the confidentiality, integrity and availability of its information processing systems and services. If you need additional information about this you should contact the Data Protection Officer.

Yes, the Mater Hospital has a Data Protection Officer. Our Data Protection Officer monitors how we collect, use, share and protect information to ensure data subject rights are fulfilled. You can contact our Data Protection Officer at:

Data Protection Officer,
Mater Misericordiae University Hospital,
Eccles St, Dublin 7,
D07 R2WY

Phone: +353 1 803 4035