Data Protection Breaches Process

What is the Data Protection Breaches Process?

Protecting personal data is a critical consideration for all of us at University of Galway.  

We are required under national and European law to take appropriate measures against unauthorised or unlawful processing and against accidental loss, destruction of or damage to personal data.

Any breach of the Data Protection Acts 1988 - 2018 and the European General Data Protection Regulation 2016 may render the University liable to action by the Data Protection Commissioner and by the person affected by the breach. 

All University of Galway users of personal data have a responsibility to ensure that they process such data in accordance with the Data Protection Acts 1988 - 2018 and in accordance with the General Data Protection Regulation 2016.

The University’s Data Protection Officer has a key role in this. All data breaches, whether accidental or not, should be reported to the Data Protection Officer so that appropriate advice can be given, and appropriate action can be taken, where possible to contain the breach or to advise any individuals likely to suffer distress or inconvenience as a result. Throughout the breach management process records should be kept of what action has been taken and by whom.

In the case of a personal data breach, University of Galway is obliged to notify the personal data breach to the Office of the Data Protection Commissioner within 72 hours, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

A data security breach can happen for several reasons:  

• Loss or theft of data or equipment on which data is stored 

• Inappropriate access controls allowing unauthorised use 

• Equipment failure 

• Human error 

• Unforeseen circumstances such as a fire or flood 

• Hacking 

• ‘Misrepresentation’ offences where information is obtained by deceiving the organisation who holds it. 

Where a personal data breach has occurred, there are four important elements to any breach management plan: 

1. Containment and recovery 

2. Notification of Breach

3. Assessment of ongoing risk 

4. Evaluation and response

If you believe a data breach has occurred, or are unsure whether a data breach has occurred, the best course of action is to contact the University Data Protection Officer for advice.

Training on data protection matters is made available to staff by the Data Protection Officer.

Further Information

Roles & Responsibilities

Please see below for a detailed accountability matrix and the key contacts for this area.  

Data Protection Officer

If you have any queries on Data Protection Breaches, please contact dataprotection@nuigalway.ie.

Other Key Contact

If you have additional queries on Data Protection Breaches, please contact the Data Protection Officer.

Data Protection Breaches RACI

RACI Explained

RACI stands for Responsible, Accountable, Consulted and Informed.  See below for a further explanation. 

RESPONSIBLE "Doer"

The person or group assigned to ensure the work is completed to meet the goals, objectives and overall quality expected, who reports progress to the accountable party and calls out any risks or impediments to that success.

ACCOUNTABLE "Buck Stops Here"

The person or group ultimately answerable for the correct and thorough completion of the workstream, who ensures the prerequisites for success are met and delegates the work to those responsible.

CONSULTED "In the Loop"

The person or group in two-way communication in relation to the process or decision.

INFORMED "FYI"

The group or person kept informed of the decision or process.

Breach reporting is a fundamental function of the Data Protection Officer. The Data Protection Office has a wide range of other roles within the University; the other policies relevant to that role are:

QA 442 Record Retention Policy

QA 401 Data Handling Policy

QA 402 Data Classification Policy

QA 412 Student Data Usage Policy

QA 442 Data Retention Schedule

QA 444 Data Subject Rights Request Procedure