Irish Information Security Forum

Physical Data Security Breach at HSE storage facility

30-May-2024

The Health Service Executive (HSE) has recently been under scrutiny due to new significant data breaches. The breaches, which were related to the storage of paper medical records, has raised serious concerns about security measures in place at the HSE.

The Data Protection Commission (DPC) has opened an investigation into the HSE over these breaches. The breaches were notified to the DPC by the HSE and were related to two specific locations accessed by unauthorized third parties. Videos taken from these locations, showing paper medical records, were circulated on TikTok.

The HSE confirmed that the two separate data breaches occurred in 2023 and has pledged full cooperation with the inquiry.

In a statement, a HSE spokesperson said, "The HSE takes all breaches of data protection seriously and manages all breaches of data protection in line with data protection legislation and HSE policy".

This new HSE data breach serves as a stark reminder of the importance of physical data security as a part of information security responsibility and concerns of any organisation, especially those within the public domain.

References

(1) Data watchdog investigating breaches at HSE - RTÉ. https://www.rte.ie/news/business/2024/0529/1451767-hse-data-breaches/.
(2) paper records at external storage facilities. HSE facing inquiry into two leaks of patient data - MSN
www.msn.com/en-ie/health/other/hse-facing-inquiry-into-two-leaks-of-patient-data/ar-BB1ndXQW
(3) TikTok video revealing access to medical records spurs inquiry into HSE data breaches TikTok video revealing access to medical records spurs inquiry into HSE data breaches – The Irish Times

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

Forum SPONSORS

Invitations for Annual Sponsorship of IISF has now reopened.

(your logo & profile link here)

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

More News

EU Landmark AI Act has been approved by EU Council
The Act will come into force in 20 days but Full implementation is not expected until mid-2026.

DDoS Analysis report for April 2024
Vercara noted that carpet bombing attacks accounted for 65.44% of all observed attacks, a 30% increase compared to March 2024.

IISF Members / Sponsors

secured by edgescan digital security radar logo