HSE Audit: Risk of identification due to lack of safeguards in foster payments

An audit has found that children in foster care could possibly be identified because of “insufficient safeguards” in the overall payment process.

HSE Audit: Risk of identification due to lack of safeguards in foster payments

The audit into foster care payments completed for Tusla by HSE South East last June found a range of issues, including overpayments, data protection concerns, and that the Child in Care register for the local Tusla service area office was maintained on a Microsoft Excel spreadsheet.

This was because of the absence of a bespoke, dedicated computerised system and, according to the audit, “did not adequately comply with the statutory requirements”.

“The medium through which the register is maintained is not conducive to ensuring the preservation of accurate and complete data due to the risk of being open to corruption by inadvertent data entries or deletions by end users,” it said.

“Across the overall payment process there were insufficient safeguards in place exposing a risk to the level of confidentiality maintained in relation to the identification of children in care and their foster carers.”

The audit said shortcomings in the validation process and a lack of segregation of duties at local Tusla service area level between the process of setting up vendors and the payment preparation process did not provide assurance that payments processed are appropriate and accurate. The reporting of overpayments and accounting for debtors was also inadequate, it said.

In response, the Child and Family Agency said Tusla is investing considerable resources into its NCCIS (National Child Care Information System) project and the proposed accompanying linked payments system.

“It is unreasonable to divert resources and budget into a solution which will only be in place in the interim,” it said.

Other audits also highlight financial concerns. A review of financial management including residents’ property in a mental health hostel, dating from last May, identified two unofficial HSE bank accounts (Account A and B) maintained by the parent Mental Health Hospital in HSE South East.

One account was used to manage rental income raised from the 10 hostels within the mental health services area, without derogation and written approval for its use. The audit “ascertained that the use of bank accounts other than the official HSE account is systemic within the Mental Health Service in the CHO 5 (HSE South SE) area”.

Another audit, this time into administration of payroll at University Hospital Waterford, dating from January 2016, found a lack of appropriate approval of payroll transactions and a lack of appropriate levels of internal checks, and overpayments totalling €11,784 net.

An internal audit on the secondment of staff in HSE South from last June found HSE human resources did not have a record of staff secondments while HR in Cork University Hospital did not have a database of its staff on secondment. It also found that some secondments had already stopped but the HSE had not been informed.

In another instance the audit found CUH is currently bearing costs of about €90,000 annually for an employee on placement external to the HSE South.

More in this section

War of Independence Podcast

A special four-part series hosted by Mick Clifford

Available on

Commemorating 100 years since the War of Independence