Mental Health Commission

Our Values: Dignity and Respect, Human Rights, Confidentiality, Quality, Accountable and Transparent, Person-Directed

Learn more about the Mental Health Commission

Data Protection and Access Requests

Introduction

The EU General Data Protection Regulation 2016/69 (GDPR) was introduced on 25 May 2018. It was transposed into Irish law by the enactment of the Data Protection Act 2018. This European and national legislation regulates the processing of personal data of a living person (known as a ‘data subject’). Essentially, it is designed to strengthen the protection of the rights and freedoms of data subjects.

The Mental Health Commission (MHC) is fully committed to the protection of the rights and freedoms of individuals whose personal data it holds. For further information on how the MHC collects, stores and uses personal information relating to data subjects, please see the MHC’s Data Protection Statement.

Data Controller

The Mental Health Commission is a Data Controller for all personal data collected for the purpose of its activities.

Contact details of the Data Protection Officer (DPO)

Should you have questions about how the MHC uses your information or you are concerned about any issue related to your personal data, you may contact the DPO. The contact details are as follows:

Data Prectection Officer

Your data protection rights

Under data protection legislation, data subjects have designated rights. Subject to certain restrictions, which are set out below, you can exercise these rights in relation to your personal data that is processed by the MHC. The data subject’s rights are:

  1. The right to be informed about the processing of your personal data
  2. The right to access your personal data
  3. The right to rectification of your personal data
  4. The right to erasure of your personal data
  5. The right to data portability
  6. The right to object to processing of your personal data
  7. The right to restrict processing of your personal data
  8. Rights in relation to automated decision making, including profiling

How can I access my personal data (Data Subject Access Request)?

To make a request, please write to the Data Protection Officer, Mental Health Commission, Waterloo Exchange, Waterloo Road, Dublin 4 or email DPFOI@mhcirl.ie. In your correspondence, you should:

  • state that you are making your request under the GDPR and Data Protection Act 2018
  • provide as much information as possible about the records you require
  • specify how you would like to receive the records – that is, would you like to receive the records by post or by email?

Alternatively, you may use the Data Subject Access Request Form.

Please note: Before you are given access to personal information relating to yourself, you will be asked to provide proof of identity. These are as follows;

  • a copy of your identification bearing your full name and photograph (for example, passport, driver’s licence, etc.)
  • proof of address to which the materials will be sent (for example, the top of a utility bill bearing both your name and address) – this must be less than 6 months old

This is requested to ensure that information is released to the appropriate person and postal/email address.

Third party authorisation

When making a Data Subject Access Request, you may request that your records be sent to a third party who you appoint (e.g. a solicitor, health professional, family member, etc.). If you choose to do so, you must complete this form and attach it to your letter, email or Data Subject Access Request form.

Privacy Policy

The MHC’s privacy policy is available here.

Further guidance on data protection

The Data Protection Commission (DPC) is the supervisory body for the GDPR in Ireland. Its website provides general information on the GDPR and other relevant information on the protection of the rights and freedoms of individuals in relation to the processing of their data. The DPC can be contacted as follows:

Data Protection Commission,
21 Fitzwilliam Square South,
Dublin 2,
D02 RD28

Website: www.dataprotection.ie
Phone: (0761) 104 800 or (057) 868 4800

Back to top

Contact Details

Waterloo Exchange, Waterloo Road, Dublin 4

Ph: 353(1) 636 2400

Fax: 353(1) 636 2440

Eircode: D04 E5W7

GPS coordinates: 53°19'58.6"N 6°14'36.9"W