Skip to content
#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Some of the email addresses that were shared.
Some of the email addresses that were shared.

Health body apologises after email addresses of 200 job applicants are incorrectly shared in email

The Data Protection Commissioner has been informed of the incident.
Dec 15th 2018, 7:30 AM 27,839 23

A STATUTORY HEALTH body has apologised for a data breach in which the email addresses of unsuccessful applicants to a job were mistakenly shared.

In an email informing individuals that their application had been unsuccessful, the email addresses of about 200 other applicants were shared.

The email, seen by, was sent by the Pre-Hospital Emergency Care Council (PHECC) on Tuesday. PHECC is an independent statutory body which sets the standards for education and training for pre-hospital emergency care in Ireland.

All emergency medical technicians, paramedics and advanced paramedics must be registered with PHECC in order to legally practice in Ireland.

The affected individuals had applied for a clerical role in PHECC’s office in Naas, Co Kildare.

One of the applicants told “What scares me about this leak of data is that although I was unsuccessful, if word had spread to my current employer it wouldn’t have looked too favorably on me and it may have affected my standing in my current role.

“Due to their lack of care and attention it has landed me in a stressful situation worrying that my current employer will find out and affect my current job or income.

“It’s lucky this was only an email address and not my physical address and patient data too.”

‘Genuine error’

Richard Lodge, Director of PHECC, confirmed that the email addresses of the unsuccessful applicants “were mistakenly pasted into the “To” section rather than the “Blind Copy” section of a bulk email and were included in an email sent to all unsuccessful applicants”.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

“Regrettably, this resulted in all unsuccessful applicants having visibility of the email addresses of all other unsuccessful applicants.

The error was noted 18 minutes after sending the email and an apology was immediately sent to all the individuals concerned, requesting that, as the data was not intended for them, the email is deleted from their inbox as a containment measure.

Lodge said a Data Breach Notification was compiled and sent to the Data Protection Commissioner.

“This was a genuine error on our part and we take such incidents very seriously.

“As Director of the Pre-Hospital Emergency Care Council, I would like to take responsibility for this breach and apologise unreservedly for any distress or upset this may have caused to the recipients of the e-mail.”

Lodge added that the organisation is now reviewing its policies and procedures and “seeking to introduce measures that would prevent a repeat of this type of error happening again in the future”.

Send a tip to the author

Órla Ryan


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a comment

    cancel reply
    Back to top