��������Ƶ

A Data Sharing Agreement sets out the rules and responsibilities when organizations share personal or sensitive information with each other. Under Irish data protection law, including GDPR, these agreements protect both the data subjects and the organizations involved by clearly defining how shared data will be handled, secured, and used.

Irish public bodies must follow specific requirements when sharing personal data, as outlined in the Data Sharing and Governance Act 2019. The agreement typically covers key points like the purpose of sharing, security measures, data retention periods, and the roles of each party. It helps organizations maintain compliance while safely collaborating on projects or delivering services.

Use a Data Sharing Agreement any time your organization needs to exchange personal data with another entity in Ireland. This includes sharing patient records between healthcare providers, transferring student information between schools, or exchanging customer data with service providers. The agreement becomes essential when handling sensitive information like financial records, health data, or large datasets covered by GDPR.

Put this agreement in place before any data transfer begins—particularly for ongoing sharing arrangements or when working with public bodies under the Data Sharing and Governance Act 2019. It's crucial for projects involving research institutions, government agencies, or commercial partnerships where personal data flows between organizations regularly.

• Data Disclosure Agreement: Focuses on one-time or limited data transfers, with specific terms for handling sensitive information
• Intercompany Data Sharing Agreement: Used between separate companies under common ownership, addressing GDPR compliance within corporate groups
• Third Party Data Sharing Agreement: For sharing data with external vendors or service providers, including strict security requirements
• Intra Group Data Sharing Agreement: Specifically designed for data transfers between subsidiaries or divisions within the same corporate structure

• Public Bodies: Government departments, local authorities, and state agencies must use Data Sharing Agreements under Irish law when exchanging personal data
• Healthcare Providers: Hospitals, clinics, and medical practices sharing patient records with specialists or research institutions
• Data Protection Officers: Oversee agreement compliance, risk assessment, and GDPR requirements within their organizations
• Legal Teams: Draft and review agreements to ensure they meet Irish data protection standards and organizational needs
• IT Departments: Implement technical security measures and data handling processes specified in the agreements

• Data Mapping: List exactly what personal data will be shared, who owns it, and how it will flow between organizations
• Purpose Assessment: Document clear business reasons for sharing data and confirm they comply with GDPR principles
• Security Details: Outline specific measures for data protection, including encryption, access controls, and breach notification procedures
• Retention Planning: Define how long shared data will be kept and methods for secure deletion
• Contact Information: Gather details for key stakeholders, including Data Protection Officers from each organization
• Legal Requirements: Use our platform to generate a compliant agreement that includes all mandatory elements under Irish law

• Parties and Purpose: Full legal names of organizations involved and clear statement of data sharing objectives
• Data Description: Specific categories of personal data being shared, including special categories under GDPR
• Legal Basis: Clear identification of GDPR Article 6 grounds for processing and sharing
• Security Measures: Technical and organizational safeguards for data protection
• Duration and Review: Agreement timeframe and periodic review requirements
• Breach Protocols: Notification procedures and response timelines
• Data Subject Rights: Procedures for handling access requests and other GDPR rights
• Termination Terms: Conditions for ending the agreement and data disposal requirements

A Data Sharing Agreement differs significantly from a Data Processing Agreement in several key ways. While both deal with personal data under GDPR, they serve distinct purposes in Irish law.

• Primary Purpose: Data Sharing Agreements govern the exchange of data between independent controllers, while Data Processing Agreements regulate how a processor handles data on behalf of a controller
• Legal Relationship: Sharing agreements create partnerships between equal parties, whereas processing agreements establish a hierarchical relationship with clear processor obligations
• Scope of Control: In sharing agreements, both parties have decision-making power over data use. Processing agreements restrict the processor to acting only on controller instructions
• Compliance Focus: Sharing agreements emphasize mutual responsibilities and joint security measures, while processing agreements concentrate on processor obligations under Article 28 GDPR