Sensitive patient records found on Cork city street
Documents with sensitive patient data identifying children and adults, details of surgical procedures, and reasons for missing appointments have been found on a busy city-centre street in Cork.
The highly personalised information relating to patients attending Cork University Hospital (CUH) for plastic surgery was discovered by Luke Field, a Labour Party local election candidate in Cork City South Central.
Children are readily identifiable because dates of birth are included, as well as references to different childrenâs wards at CUH, including Ladybird, Seahorse, and Puffin.
Details of procedures listed include âright eyebrow laceration repairâ, âextensor [tendon] injury to left thumbâ, âlaceration left ear lobeâ, and âdebridement left lower leg [removal of dead tissue to promote wound healing] & VAC [vacuum assisted drainage] and removal of fibular plateâ.
The data includes admission and discharge dates, the treating clinicians, and whether the patient is public or private.
Mr Field discovered the data on a printout lying on the ground as he returned to his home on South Terrace on the night of Friday, April 26.
ââI was walking home with my partner and we spotted something near the apartment block that seemed to have peopleâs names and other information on it, so we picked it up and took it inside before it could be blown all over town by Storm Hannah,â Mr Field said.
He attempted to contact the data protection offer for the HSE South over the weekend, but the office was closed.
Mr Field then contacted CUH and was advised by a staff member to deliver it to hospital reception in a sealed envelope, where it would be followed up on Monday.
âI took the decision not to follow this advice as I wanted to hand it back to someone with direct data protection responsibility,â Mr Field said.
He returned the data to the HSE South consumer affairs officer on Tuesday morning.
Mr Field said he has extensive experience in relation to data protection protocol, âhaving dealt extensively with volunteer lists as deputy chair and canvassing officer of the Together for Yes campaign in Cork during last yearâs referendum to Repeal the Eighth Amendmentâ.
He said either the HSEâs data protection protocols arenât robust enough, âor staff arenât being properly trained to implement themâ.
He said HSE Consumer Affairs had reported the matter to the Data Protection Commission âbut, as with most things in the health service, prevention is better than cureâ.
âSenior management should really take responsibility for this, rather than hope it goes away or to blame individual staff members,â Mr Field said.
The Irish Examiner asked CUH if it could explain how patientsâ details were found on the street in the city centre.
The HSE failed to respond to the query.
The CUH data breach follows on from another breach earlier this week in relation to sensitive data from Our Lady of Lourdes Hospital, Drogheda, as revealed by Mr Fieldâs Labour colleague Senator Ged Nash.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
