Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data.

As with the FOI Acts, these rights extend to your own personal records and in specific circumstances, to those of your children. There are exemptions provided for in the Acts, this means that there are specific circumstances when the requested information will not be released. If any of these exemptions are used to withhold information, the reasons will be clearly explained to you.

HIQA, as a Data Controller must meet our obligations under the Data Protection Act 2018 as outlined below:

  • obtain and process information fairly
  • keep it only for one or more specified, explicit and lawful purposes
  • use and disclose it only in ways compatible with these purposes
  • keep it safe and secure
  • keep it accurate, complete and up-to-date
  • ensure that it is adequate, relevant and not excessive
  • retain it for no longer than is necessary for the purpose
  • provide an individual with a copy of his/her personal data on request.

We request you to apply in writing and simply refer to the Data Protection Act 2018. No fee applies.

If you wish to contact HIQA regarding Data Protection, you can contact Lydia Buckley, Data Protection Officer via email at