University Hospital Limerick patients' records found on footpath

SEPARATE investigations are under way after a print-out of 29 patients’ records were found by a member of the public on a footpath near University Hospital Limerick (UHL).

The Limerick Leader has learned that on Friday afternoon, November 10, a nine-page document was recovered by an individual which contained patients’ details including addresses, date of births, chart numbers and other information.

UHL has confirmed to the Limerick Leader that ‘no detailed information was disclosed in relation to patients’ medical conditions, health status, medications etc’.

A spokesperson for UHL said in a statement to the Limerick Leader: “Personal information for 29 patients was included in a patient list found by a member of the public in a public place. These records were promptly recovered by HSE staff and we thank the individual in question for their responsible actions on the day.”

The member of the public who recovered the document told the Limerick Leader: “My son hates litter and we saw a piece of paper scrunched up on the footpath near the grounds of UHL.

“My son picked it up and handed it to me and I noticed what it was and was shocked, I could not believe it.”

The member of the public considered all options before making a decision on what to do with the document, saying; “I thought about handing it back into the hospital but I did not want to give it into the wrong hands so I called the hospital and they directed me to the correct member of the HSE to hand it back to.

Limerick cervical cancer survivor urges young people to avail of life-saving HPV vaccine

‘Protect yourself against serious illness later in life’: Cervical cancer survivor urges young people to avail of HPV vaccine

“I just imagined if it had my name on that document and how I would feel and I knew I would be angry and I knew what I had to do.”

The spokesperson confirmed that the incident has been reported to the Data Protection Commissioner saying; “This incident has been reported to the Data Protection Commissioner, has been raised as an incident under the hospital risk management system and is being managed under the HSE national policy on data protection.

“It has been categorised as low risk. Details of this incident have been shared with the relevant areas as has national guidance on the generation and disposal of hardcopy patient lists.

“This incident remains under active investigation and any learnings will be shared with our staff.”

The Data Protection Commission confirmed to the Limerick Leader that they ‘received a breach notification from the HSE on this matter and are currently engaging’ with the them in their investigation of the breach.

The hospital group has stressed that the matter will be handled with care saying; “We take our obligations to protect patient information very seriously.

“Our Information Governance Office is staffed by personnel trained in data protection and who offer regular advice and training to all staff.

“There is mandatory training for every staff member on the Fundamentals of GDPR, which is the relevant EU regulation around data protection.”