THE DATA PROTECTION Commission has launched an inquiry into how the HSE stores and retains patient data.

It comes after the HSE notified the Commission of two incidents where an unauthorised third party gained access to historical records.

In November, a TikTok video filmed inside the old St Conal’s psychiatric hospital in Letterkenny, Co Donegal showed many boxes of confidential patient records, some of which appeared to be rotting. 

While some records appeared to be from the psychiatric hospital itself, X-rays, emergency department reports and other general hospital records were also discovered.

A similar breach took place at the site of a Dublin hospital.

In a statement, the Commission said: The inquiry into the HSE concerns the storage and retention of personal data contained in paper records held by the HSE via its use of external storage facilities and breaches of security which were notified to the DPC by the HSE.

“The Breaches notified to the DPC related to two specific locations which accessed by unauthorised third parties and the circulation of videos taken from these locations showing paper medical records located at these facilities.”

Public sector bodies guilty of a data breach can be fined up to €1 million.

The Commission is likely to recommend significant corrective measures to the HSE off the back of the results of the inquiry.

Making a difference

A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

For the price of one cup of coffee each week you can make sure we can keep reliable, meaningful news open to everyone regardless of their ability to pay.