Choosing a course is one of the most important decisions you'll ever make! View our courses and see what our students and lecturers have to say about the courses you are interested in at the links below.
Each year more than 4,000 choose NUI Galway as their University of choice. Find out what life at NUI Galway is all about here.
About NUI Galway
About NUI Galway
Since 1845, NUI Galway has been sharing the highest quality teaching and research with Ireland and the world. Find out what makes our University so special – from our distinguished history to the latest news and campus developments.
Colleges & Schools
Colleges & Schools
NUI Galway has earned international recognition as a research-led university with a commitment to top quality teaching across a range of key areas of expertise.
- Research & Innovation
- Business & Industry
- Alumni, Friends & Supporters
At NUI Galway, we believe that the best learning takes place when you apply what you learn in a real world context. That's why many of our courses include work placements or community projects.
Steps to ensure GDPR Compliance
Steps to be taken by Unit/School/Institute or Centre Heads to ensure Compliance with GDPR
Steps to be taken by unit/school/institute/centre heads to ensure compliance with GDPR:
1. Review and have your team review the University Data Protection Policy and related policies and procedures.
2. Take and have your team take University Data Protection Training which is advertised through HR Staff Training and Development.
3. In accordance with the University Data Protection Policy and related procedures, complete on an annual basis the University Template for records of processing available at: NUI Galway Unit Data Protection Records of Processing Template In summary, this template seeks to ascertain why your unit are holding the personal data? How did your unit obtain the personal data? What is the legal basis for processing the personal data? How long will your unit retain it? How secure is it, both in terms of encryption and accessibility? Does your unit ever share it with third parties and on what basis might it do so? How long are your unit keeping the personal data for and why? The following guide can be used as an aide to complete the template: NUIG Guide to completing Data Protection Records of Processing Template
4. If collecting personal data from any individuals directly ensure that they know who(i.e the University) is collecting it, for what purpose, what personal data is being collected, who is it being transferred to (if anyone), if there will be any transfers outside of the EU and include a link to the University Data Protection website so that the person from whom the data is being collected can be made aware of their data protection rights.
5. If you have a data breach in your unit, please follow the University Data Breach Procedure noting we only have 72 hours to respond to breaches.
6. If your unit receives an personal data access request, please note you have only 30 days to provide the data to the requester.
7. If your unit are marketing externally, your unit/school/institute must have the consent of the individual and must be able to demonstrate that you have the consent.
8. If your unit/school/institute are processing personal data on a large scale, profiling individuals, or using a new technology which impacts on individuals then it must complete a data protection impact assessment using the University template available on the University website. Please consult with the University Data Protection Officer.
9. Privacy of the individual must be meaningfully at the core of any process or project you engage in. This means that you must consider the rights of the individual in every process and project you engage in.
10. If you or a member of your team are engaged in Health Research you must abide by the Health Research Regulations, details of which are available on the University Data Protection webpage.
11. If you are using a third party to process personal data then you must ensure that the third party abides by the University Data Processing Terms and Conditions copies of which are on the University Data Protection webpage.
Other practical tips:
Please click link for flyer with practical tips: GDPR ICT Best Practice
- Please ensure you and your team have taken ISS Security training available at: www.nuigalway.ie/itsecurity
-Ensure Office doors are locked and closed when leaving the office unless there are others still in the office.
-Do not leave doors ajar when leaving except in the cases of emergency or health and safety reasons.
-Staff access to closed offices must be reviewed with security.
-Ensure that personal data is kept secure and is not accessible to passers by.
-Do not leave personal data lying around.
-File personal data away appropriately.
-Regularly review access to all systems, servers and directories and disable access or permissions as required.
-New colleagues must be inducted into unit GDPR Guidelines and University Policies and Procedures available on University webpage.
- Please ensure your team uses the secure NUI Galway systems available.
- Please ensure that each of your team use a strong password and regularly update it.
- Please ensure that each of your team enable auto lock on phones and computers so that if a person steps away from their desk, the phone or computer password protects itself.
- Please ensure all log-off all computers before leaving the office for the evening.
- Do not use unencrypted portable devices such as usb memory sticks.
- Do not give password/pins to others and regularly change passwords and pins.
- When sharing personal data what personal data are you sharing and why does the recipient need to see this data?