Coombe Women's Hospital, Dublin 8 (Register of Users)

Updated March 2019

Does your organisation use the PPSN at present?

Yes

If so, for what purpose?

In the application of Cancer Screening Programme, Cervical Smear Screening, for the purpose of registration of births.

Does your organisation exchange the PPS number with any other body? If so please name the relevant bodies and the purpose(s) of the exchange?

Yes

General Registrars Office for the purpose of registration of births and deaths.

Department of Social Protection for the purposes of administration of schemes.

Cervical Check Screening.

Revenue Commissioner for the purposes of calculation of taxes and deductions.

Does your organisation have any other plans involving the use of the PPS number?

Not at present

There is a duty to ensure compliance with the principles of processing personal data which are set out in Article 5(1) and 5(2) of the GDPR. These principles are summarised as follows

1.Process it lawfully, fairly, and in a transparent manner;

2. Collect it only for one or more specified, explicit and legitimate purposes, and do not otherwise use it in a way that is incompatible with those purposes;

3. Ensure it is adequate, relevant and limited to what is necessary for the purpose it is processed;

4. Keep it accurate and up-to-date and erase or rectify any inaccurate data without delay;

5. Where it is kept in a way that allows you to identify who the data is about, retain it for no longer than is necessary;

6. Keep it secure by using appropriate technical and/or organisational security measures;

7. Be able to demonstrate your compliance with the above principles; and

8. Respond to requests by individuals seeking to exercise their data protection rights (for example the right of access

Have you measures in place to ensure that the Public Service Identity data you hold/collect whether in electronic or written format is in line with the GDPR Principles described above?

Measures are in place throughout the Coombe Women & Infants University Hospital to ensure that data we hold/collect in electronic or written format is safe and secure.

All staff are required to comply with the principles of Data Protection. All staff are made aware of the Data Protection Acts and GDPR through training which is provided at staff induction and on an ongoing basis.

There are processes in place to respond to Subject Access Request and for reporting and follow up of any data breaches that occur within the hospital.