Second hospital in records scandal

A SECOND major facility has become embroiled in the Tallaght Hospital patient records crisis, after admitting it has used the same private transcription firm at the centre of the controversy since 2005.

The Irish Examiner has learned that the Mercy University Hospital (MUH) in Cork has been using the UScribe online transcription company for six years.

The firm is currently at the centre of a garda and Data Protection Commissioner investigation over concerns that patient information at Tallaght Hospital was accessed without permission since 2004, a claim Tallaght initially denied.

The investigation relates to patient records and reports — some containing the names, medical history, date of birth and addresses of patients — which were sent to UScribe from the hospital for transcription.

This move, which took place without the knowledge of patients, resulted in highly sensitive data being sent to third parties in the Philippines before returning as typed-up files to relevant doctors.

In a statement to this newspaper, the Mercy confirmed it has been using an “online transcription company” since 2005. However, a spokesperson said it “has no evidence whatsoever that any patient data has been misused, destroyed or disclosed improperly”.

The spokesperson added that “the hospital has been assured that the company’s security system is intact and that there is no evidence of any systems failure”.

While he declined to confirm the identity of the private firm, the Irish Examiner understands it is UScribe.

Sources have confirmed that, over the past two weeks, senior HSE personnel have been briefed on the use of the private firm by hospitals, including MUH.

The news that the patient records disclosure may have occurred at other facilities came as Tallaght Hospital confirmed it has brought in the gardaí to help investigate how the crisis occurred.

The hospital is also working with the National Bureau of Investigations in the Philippines and the British Information Commissioner.

Earlier this month, the hospital reported a potential data breach to the Data Protection Commissioner. However, at that stage, it publicly denied the allegations as “unsubstantiated”.

Tallaght Hospital’s acting chief executive, John O’Connell, has admitted that some patients may have been named in the records — despite policies stating this should not occur.

It is understood at least one case involves a consultant psychiatrist’s records outlining a patient’s experiences at Artane Industrial School, Dublin. The contract between Tallaght and Uscribe ended in May.

Health Minister James Reilly has asked the HSE to establish if any other hospitals have been affected.

More in this section

Text header

From florist to fraudster, leaving a trail of destruction from North Cork, to Waterford, to Clare, to Wexford and through the midlands ... learn how mistress of re-invention, Catherine O'Brien, scammed her way around rural Ireland.

Execution Time: 0.22 s