HSE investigates how patient documents ended up on Cork street
Labour candidate found sheet of paper containing personal data of CUH patients
According to the HSE, Cork University Hospital is taking the data breach very seriously and is currently investigating the incident. Photograph: Provision
The Health Service Executive has begun an investigation into how a document from a Cork hospital with sensitive patient information ended up on a city street where it was found by a local election candidate.
The HSE said “a responsible citizen” had returned a single sheet of paper containing the personal information of a number of people earlier this week.
According to Labour Cork South Central local election candidate Luke Field, he found the printout containing data on patients at Cork University Hospital (CUH) as he returned to his home near Cork city centre on the night of April 26th last. He returned it to the HSE four days later.
“I was amazed to see it. I was walking home with my partner and we spotted something near the apartment block that seemed to have people’s names and other information on it, so we picked it up and took it inside before it could be blown all over town by Storm Hannah,” said Mr Field.
“It wasn’t until we had taken a closer look that we realised the nature and extent of the data – patient names, ward locations, assigned physicians, treatment details, admission and expected discharge dates, and other matters,” he added
“On the reverse, there were supplementary details for some patients, including dates of births, reasons for missing appointments, and – added in pen – some contact details. What’s particularly troubling is that many entries were identifiable as minors, as they were listed in a children’s ward.”
According to the HSE, its local data protection officer was satisfied the correct procedure was followed in retrieving the data after it was advised of the breach and it had since contacted all the affected persons to notify them of the data breach.
“The hospital concerned is taking the data breach very seriously and is currently investigating the incident. The breach was reported to the Data Protection Commission and all data subjects will be contacted in line with HSE policy,” said the HSE in its statement.