Data Protection Commissioner raises 14 areas of concern over patient information in hospitals

An investigation into data protection in hospitals has raised concerns about the personal information of patients being exposed.

The Data Protection Commissioner has raised 14 matters of concern and made a number of recommendations.

The investigation involved physical inspections of hospitals and HSE facilities across the country last year, and focused on how sensitive personal data and patient files are dealt with.

It was the first investigation of its kind that has ever been carried out in Ireland.

Concerns in 14 different areas were identified including a lack of restrictions to the accessing of medical records with a potential risk of staff snooping through the records of family members, friends or others out of sheer nosiness or for more sinister purposes.

The recommendation is for more robust controls on how that information is protected and less staff having access to it in the first place.

Another area of concern is how patient observation charts are kept. The report found that many are left outside rooms meaning anyone walking by can see the personal data of patients.

The report says that practice should be stopped and that charts should be stored more securely.

    The matters of concern which arose are set out in the following 14 categories:

  • Controls in Medical Records Libraries
  • Security
  • Storage of Patient Observation Charts in Hospital Ward Settings
  • Storage of Patient Charts in Trolley Bins in Ward Settings
  • Storage of Confidential Waste Paper Within the Hospital Setting
  • Disposal of Handover Lists and Patient Lists
  • Use of Fax Machines
  • Lack of Speech Privacy
  • Absence of Audit Trails
  • Raising Awareness of Data Protection in Hospitals
  • Consent for Research
  • The Processing of Private Health Insurance Information in Hospitals
  • Maternity Service Users
  • Data Retention

When it comes to privacy, there is a recommendation for more private spaces to be made available after concerns conversations between patients and staff are being easily overheard by third parties.

The Data Protection Commissioner says each hospital will need to support the implementation of the recommendations.

- Digital Desk


More in this Section

Pope Francis 'should visit Tuam, imagine the message that would’ve sent'

Co Cork road closed after two-car collision

Video: Woman (50s) arrested after car crashes into gates of Government Buildings

Gardaí appeal for witnesses after double stabbing in Limerick


More From The Irish Examiner