On this page you can find information on how the National Patient Experience Survey Programme meets information governance requirements.
What is information governance?
Information governance is a means of ensuring that all data, including personal information, is handled in line with all relevant legislation, guidance and evidence-based practices.
How the National Patient Experience Survey Programme meets information governance requirements
The National Patient Experience Survey Programme is committed to using the information that it collects in a manner that is fair, secure and respects the privacy of the survey participants.
The Privacy Impact Assessments were conducted at a point in time of the project, and reflect the status of the project at that stage.
How long do we keep information?
Personal data collected to administer the survey will be deleted once all surveys have been sent out and all responses have been processed. By not keeping data for any longer than required, the National Patient Experience Survey Programme complies with the Data Protection Acts 1988, the Data Protection (Amendment) Act 2003 and the European Union General Data Protection Regulation (GDPR).
The table below outlines the schedule for the destruction of data collected as part of the National Patient Experience Survey. The survey responses are anonymous and may therefore be retained indefinitely.
Table: Record retention and destruction schedule
|#||Data collected||Period of deletion/destruction|
|1||Personal data (collected to administer the survey)||destroyed six weeks after the survey closes, to allow for administration of the survey|
|2||Hard copy survey responses||destroyed four months after the survey closes|
|3||Survey codes||destroyed four months after the survey closes|
|4||Survey responses||anonymised survey responses are retained indefinitely by HIQA|
Data subject access requests
Under data protection legislation, individuals have the right to know if an organisation or individual is holding information about them. They also have the right to access this information. A guide to your rights is available on the website of the Data Protection Commissioner.
To make a request under the Data Protection Acts, please submit your request, and the fee if applicable in your case, in writing to email@example.com
or alternatively to the address below:
Data Protection Officer
Health Information and Quality Authority
Unit 1301, City Gate,
Cork, T12 Y2XT.
Access Requests for research purposes
If you would like to request access to the data for research purposes, please click here.