Patient Experience

Patient Experience

About this Notice


St James’s Hospital is committed to ensuring the privacy and confidentiality of your personal information.

St James’s Hospital must comply with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988 to 2018. 

The purpose of our privacy notice is to clearly communicate to you how St James’s Hospital handles your personal information. It will give you a better and more complete understanding of the type of personal information that the hospital holds and how we handle that information. The full privacy notice is detailed in the document below. Supplementary privacy notices detailing processing activities, including processing activities that may be subject to a HRCDC declaration, will also be available here.

Privacy Notice

COVID-19 Privacy Notice

Privacy Myco Bovis

  • The EU General Data Protection Regulation (GDPR) requires that data controllers provide certain information to people whose information (personal data) they hold and use. A privacy notice is one way of providing this information. 

    A privacy notice should identify who the data controller is, with contact details for its Data Protection Officer. It should also explain the purposes for which personal data are collected and used, how the data are used and disclosed, how long it is kept, and the controller’s legal basis for processing.

    The EU General Data Protection Regulation (GDPR) came into force on the 25th of May 2018. It replaces the Data Protection Directive 95/46/EC and is designed to harmonise data protection laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.

    Under the General Data Protection Regulation (EU) 2016/679, St. James’s Hospital is a “Controller” in respect to personal data that you provide to us.

  • The term ‘personal data’ means any information relating to an identifiable person (called a data subject) who can be directly or indirectly identified, in particular by reference to an identifier. This definition provides for a range of personal identifiers which can includes name(s), identification number(s), location data or online identifiers.

  • You have rights in relation to your personal data, as a data subject.

    Important: These rights are subject to certain restrictions.

    Right of access:

    You have the right to ask for access to the information that we hold about you. If you want to receive this information, then you can find details on how to do this from our Access to Information Office.

    Right to rectification and data erasure:

    If your personal data is inaccurate, you have the right to have the data rectified. If your personal data is incomplete, you have the right to have data completed, including by means of providing supplementary information.

    You have the right to request that your data is erased in certain limited circumstances (this does not generally apply to medical records).

    Right to restriction of processing:

    You have a limited right of restriction of processing of your personal data by a data controller.

    Right to object:

    You have the right to object to certain types of processing of your personal data where this processing is carried out in connection with tasks:

    • in the public interest,
    • under official authority,or
    • in the legitimate interests of others.

    Right to data portability:

    You have the right to receive your personal data that you have provided to us in a ‘commonly used and machine-readable format’ and also for us to transfer that data to another controller for you when requested where technically feasible.

    Right to lodge a complaint:

    You have the right to lodge a complaint with the Irish Data Protection Commission, contact details listed below and in the Privacy Notice document.

How to contact St James's Hospital about privacy issues

  • If you have questions or comments about this privacy notice, you can contact us:

    By Letter:
    Data Protection Officer
    St James's Hospital
    Dublin 8

    By email:  

    By telephone: (01) 410 3021

  • If:
    1. St James's Hospital does not agree to provide you with access to your personal information, or
    2. You have a complaint about our information handling processes,
    you can lodge a complaint with or contact our Data Protection Officer on the details above or directly with the Data Protection Commission. Full contact details can be found in section 2.1 above or on their website 

How St James's Hospital handles your personal information when you visit our website

This section of our privacy notice explains how we handle your personal information which is collected from our website: (collectively website hereafter)

  • When you use our website, we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specficially provide this to us.

    Sometimes, we may collect your personal information if you choose to provide this to us via an online form or by email, for example if you:

    • submit a general enquiry via our contacts page
    • register for an event or request information, or
    • send a written complaint or enquiry to our privacy officer.
  • A "cookie" is a small bit of data our server sends to your browser that allows our server to identify and interact more effectively with your computer. Cookies do not identify individual users, but they do identify your internet service provider (ISP) and your browser type.

    This website uses temporary cookies. This means that upon closing your browser, the temporary cookie assigned to you will be destroyed and no personal information is maintained which will identify you at a later date.

    Personal information such as your email address is not collected  unless you provide it to us. We do not disclose domain names or aggregate information to third parties other than agents who assist us with this website and who are under obligations of confidentiality. You can configure your browser to accept or reject all cookies and to notify you when a cookie is used. We suggest that you refer to your browser instructions or help screens to learn more about these functions. However, please note that if you configure your browser so as not to receive any cookies, a certain level of functionality of the St James's Hospital website and other websites may be lost. 

  • We may create links to third party websites. We are not responsible for the content or privacy practices employed by websites that are linked from our website.

  • We will only use personal information collected via our website for the purposes for which you have given us this information.

    We will not use or disclose your personal information to other organisatoins or anyone else unless:

    • you have consented for us to use or disclose your personal information for this purpose
    • you would reasonably expect or we have told you (including via this privacy notice) that your information is usually or may be used or disclosed to other organisations or persons for a related (or for sensitive information) or directly related purpose
    • the use or disclosure is required or authorised by law
    • the use or disclosure will prevent or lessen a serious and/or imminent threat to somebody's life, health or safety or to public health or public safety, or
    • the disclosure is reasonably necessary for law enforcement functions or for the pretection of public revenue.

    If we receive your email address because you sent us an email message, the email will only be used or disclosed for the purpose for which you have provided and we will not add your email address to an emailing list or disclose this to anyone else unless your provide us with consent for this purpose.

  • If we collect your personal information from our website, we will maintain and update your informaton as reasonably practical and necessary or when you advise us that your personal information has changed. 

  • St James's Hospital is committed to protecting the security of your personal information. We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect the privacy of information. We will take all reasonable steps to prevent your information from loss, misuse and alteration.