Probe urged into data security
A patients’ group made the call after the Irish Examiner revealed that dozens of laptops, USB sticks, and smartphones containing unspecified “sensitive” unencrypted data have disappeared over the past four years.
The situation includes 52 laptops, 13 USB sticks, three BlackBerrys, and one iPhone — 51 of which held sensitive information on patients and the system, and 20 of which had no encryption defences in place.
It mirrors a similar scandal between 2004 and 2008 — which led to officials claiming the problem would not be repeated.
The Irish Patients’ Association said the latest security problems show this 2008 promise to improve the safety of sensitive information has failed to be properly acted on.
As a result, it said the Data Protection Commissioner must now open an investigation to ensure detailed patient files are being adequately protected from falling into the wrong hands.
“Considering the previous reassurances by [the HSE’s chief executive in 2008] Prof Brendan Drumm, and the continuing loss of unencrypted equipment since then, this warrants a special investigation by the Data Protection Commissioner,” said Stephen McMahon, chairman of the Irish Patients’ Association.
“With such an amount of equipment and data, whether it’s information on patients or staff or other issues, it’s important for the commissioner to ensure proper security on data is maintained.
“Somebody needs to be held accountable.”
A spokesperson for the Data Protection Commissioner said the office is examining its files to confirm whether the HSE told the independent watchdog about all 69 of the latest information leaks.
The spokesperson said this process is likely to take a number of days due to the filing process in place.
When the issue last hit the headlines in summer 2009, after 15 laptops containing sensitive information were stolen from health service offices in Roscommon, the Data Protection Commissioner publicly chastised the HSE for failing to inform the organisation until the robbery was reported in the media.
The spokesperson said the HSE has since improved its record of informing the commissioner of incidents.
Meanwhile, Sinn Féin health spokesman Caoimhghín Ó Caoláin said that the latest data security breaches are “disgraceful” considering the salaries of senior HSE officials.
“The revelation through media Freedom of Information Act inquiries that a mass of sensitive information, including individual patients’ files, have been stolen from or lost by the HSE since the end of 2008 can only be described as disgraceful,” he said.
“This debacle is an indictment of the HSE’s senior management. Some 110 HSE senior managers are on salaries of over €100,000 per annum yet they have not been able to ensure the protection of data relating to people in the care of the HSE, and to people using the health and personal social services.”
CONNECT WITH US TODAY
Be the first to know the latest news and updates
