Patient Experience

Patient Experience

Are you planning to conduct a research study?

If you plan to conduct research in St James's Hospital you will need to submit an application to the Research and Innovation Office (R&I) Office. This application should be completed with your St James’s Hospital collaborator – they can assist you with the process. The R&I Office approves research proposals and provides research support to staff.

What does the review process include?

A submission to the R&I Office can be made in parallel with an Ethics Committee and the Health Products Regulatory Authority (HPRA) submission, if required. The application will be reviewed by the R&I Office team, the Data Protection Officer and the Legal and Insurance Office. It will also be reviewed by relevant sub-committees such as the Clinical Research Facility Operations Team or the Nursing Research Access Committee, if applicable.


An R&I reference number is needed when applying to the SJH/TUH Joint Research Ethics Committee (JREC). You will receive this number once you submit an R&I application form.



  • You can apply to the R&I Office by completing an online application form.

    If you are on the campus of St James's Hospital, you can access the link directly from the R&I Office intranet site. Otherwise, please email; to receive the link to the external research application form. 

    More information about the application process is available in the guidance section. It also includes information that might be helpful when planning your project, such as the ethics application requirements, data protection and informed consent.

  • Definition of consent in Article 4(11) of the GDPR

    Article 4(11) of the GDPR defines consent as: “any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”

    Recital 171 of the GDPR makes clear you can continue to rely on any existing consent that was given in line with the GDPR requirements, and there’s no need to seek fresh consent. However, you will need to be confident that your consent requests already met the GDPR standard and that consents are properly documented.

    Email; if you are in doubt about any of the conditions below.

    Asking for consent

    • Individuals are asked to positively opt in (i.e. no pre-ticked check boxes or other type of default consent)
    • The consent form is written in clear, plain language and is easy to understand.
    • The consent is specific in why data is collected and what is to be done with it
    • There is separate distinct options to consent separately to different purposes and types of processing.
    • The relevant organisations and any third party controllers relying on the consent are named.
    • Individuals are given the option to withdraw their consent.
    • Individuals are given the option to refuse to consent without detriment.
    • Consent cannot be a precondition of a service. (i.e. the participant was informed that their usual care would not be negatively affected if they chose not to participate)
    • If the consent relates to children age-verification measures (and parental-consent measures for younger children) are in place.

    Recording consent

    • A record is kept of when and how we got consent from the individual.
    • There is a record of exactly what the individual was told at the time of consent (PIL).

    i. Specific Article 6(1)(a) confirms that the consent of the data subject must be given in relation to “one or more specific” purposes and that a data subject has a choice in relation to each of them.26 The requirement that consent must be ‘specific’ aims to ensure a degree of user control and transparency for the data subject. This requirement has not been changed by the GDPR and remains closely linked to the requirement of 'informed' consent. At the same time it must be interpreted in line with the requirement for 'granularity' to obtain 'free' consent.27 In sum, to comply with the element of 'specific' the controller must apply: (i) Purpose specification as a safeguard against function creep, (ii) Granularity in consent requests, and (iii) Clear separation of information related to obtaining consent for data processing activities from information about other matters.

    ii. A project may involve multiple processing operations for more than one purpose. In such cases, the data subjects should be free to choose which purpose they accept, rather than having to consent to a bundle of processing purposes. Recital 43 clarifies that consent is presumed not to be freely given if the process/procedure for obtaining consent does not allow data subjects to give separate consent for personal data processing operations respectively (e.g. only for some processing operations and not for others) despite it being appropriate in the individual case. Recital 32 states “Consent should cover all processing activities carried out for the same purpose or purposes. When the processing has multiple purposes, consent should be given for all of them”.