If you plan to conduct research in St James's Hospital you will need to submit an application to the Research and Innovation Office ( R&I) Office. The R&I Office approves research proposals and provides research support to staff.
What does the review process include?
A submission to the R&I Office can be made in parallel with an Ethics Committee and the Health Products Regulatory Authority (HPRA) submission, if required. The application will be reviewed by the R&I Office team, the Data Protection Officer and the Legal and Insurance Office. It will also be reviewed by relevant sub-committees such as the Clinical Research Facility Operations Team or the Nursing Research Access Committee, if applicable.
You can apply to the R&I Office by completing an online application form.
If you are on the campus of St James's Hospital, you can access the link directly from the R&I Office intranet site. Otherwise, please email; email@example.com to receive the link to the external research application form.
More information about the application process is available in the guidance section. It also includes information that might be helpful when planning your project, such as the ethics application requirements, data protection and informed consent.
Definition of consent in Article 4(11) of the GDPR
Article 4(11) of the GDPR defines consent as: “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”
Recital 171 of the GDPR makes clear you can continue to rely on any existing consent that was given in line with the GDPR requirements, and there’s no need to seek fresh consent. However, you will need to be confident that your consent requests already met the GDPR standard and that consents are properly documented.
Email; firstname.lastname@example.org if you are in doubt about any of the conditions below.
Asking for consent
i. Specific Article 6(1)(a) confirms that the consent of the data subject must be given in relation to “one or more specific” purposes and that a data subject has a choice in relation to each of them.26 The requirement that consent must be ‘specific’ aims to ensure a degree of user control and transparency for the data subject. This requirement has not been changed by the GDPR and remains closely linked to the requirement of 'informed' consent. At the same time it must be interpreted in line with the requirement for 'granularity' to obtain 'free' consent.27 In sum, to comply with the element of 'specific' the controller must apply: (i) Purpose specification as a safeguard against function creep, (ii) Granularity in consent requests, and (iii) Clear separation of information related to obtaining consent for data processing activities from information about other matters.
ii. A project may involve multiple processing operations for more than one purpose. In such cases, the data subjects should be free to choose which purpose they accept, rather than having to consent to a bundle of processing purposes. Recital 43 clarifies that consent is presumed not to be freely given if the process/procedure for obtaining consent does not allow data subjects to give separate consent for personal data processing operations respectively (e.g. only for some processing operations and not for others) despite it being appropriate in the individual case. Recital 32 states “Consent should cover all processing activities carried out for the same purpose or purposes. When the processing has multiple purposes, consent should be given for all of them”.