Patient medical records found in a pub and carpark
Patient medical records found in a pub and carpark
A total of 60 data protection breaches were reported in the HSE western region during 2019, and the number more than doubled to 123 last year. File photo: Larry Cummins
WED, 11 AUG, 2021 - 12:23
DARRAGH MC DONAGH
Patients’ medical records from Letterkenny University Hospital (LUH) were found in a pub and in a carpark by members of the public in two separate incidents that occurred in the same five-week period, it has emerged.
In another data protection breach involving the hospital, a patient list was discovered by a passer-by outside a “public premises”, and a patient who was being discharged from LUH was given medications meant for another person.
The incidents were among 230 breaches recorded by the health service in the western region since 2019, according to documents released under the Freedom of Information Act.
Galway University Hospital
At Galway University Hospital (GUH), blood tubes and documents containing a patient’s personal data were recovered from a waste recycling centre in May 2020, while a bag containing documents for confidential shredding was found in general waste.
Another data protection breach occurred when a patient’s blood sample was lost and eventually picked up by a member of the public on the grounds of a mental health facility in the northwest in October 2020.
In the same area, a phone, diary and document relating to a mental health service user was stolen from a Health Service Executive (HSE) worker in October 2019. The phone was encrypted, but had the password written on it.
In March 2020, an employee at GUH “inappropriately” accessed data pertaining to two of their colleagues and shared it with an independent review, while a doctor at the hospital also “inappropriately” accessed records relating to a patient who was not under his care last October.
In another breach, an interview board member from HSE Health Business Service accidentally left a package containing personal data belonging to 18 job candidates at a train station in the region during July 2019.
Other breaches
In August last year, a data protection breach occurred when a patient’s care plan blew away in stormy conditions during a house call by a public health nurse serving Clare, Limerick and North Tipperary.
A number of breaches also occurred during the pandemic. In May 2020, a Covid-19 sample bag went missing, while the results of a test for coronavirus were texted to the wrong patient in the CHO2 area (Galway, Mayo and Roscommon) the following July.
A total of 60 data protection breaches were reported in the HSE western region during 2019, and the number more than doubled to 123 last year. There were 47 reported breaches in the first four months of 2021.
A spokesperson for Saolta University Health Care Group said that the Covid-19 sample bag that went missing in May 2020 was recovered the following day.
“The HSE takes all breaches of data protection seriously and all such cases are fully investigated to establish how they occurred,” they added.
“After we investigate breaches of data protection, we put preventative measures in place to reduce the risk of such breaches happening again. We manage all breaches of data protection in line with data protection legislation and HSE policy.”