This site uses cookies to improve your experience and to provide services and advertising. By continuing to browse, you agree to the use of cookies described in our Cookies Policy. You may change your settings at any time but this may impact on the functionality of the site. To learn more see our Cookies Policy.
OK
#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 13 °C Saturday 15 August, 2020
Advertisement

The HSE divulged salary details of one of their employees to a person 'who asked for them'

There was a nearly 50% jump in data breaches notified to the data protection commissioner Helen Dixon in 2014.

Image: Shutterstock/RTimages

AN EMPLOYEE OF the Health Service Executive had details of his salary given to his ex-wife by his employers after she simply asked for them.

The story has come to light as part of the Irish Data Protection Commissioner (DPC) Helen Dixon’s annual report for 2014.

The HSE worker became aware of the situation when his ex-wife took to him to court in the summer of 2013 regarding maintenance payments and produced exact details from his payslips.

In December 2013 she returned to court and this time produced her ex-husband’s P60 together with four separate payslips.

When questioned on the matter by the commissioner the HSE acknowledged that on two separate occasions their employee’s salary details were released without his consent, although only one of the people responsible for the disclosures was identified.

It seems that the breaches resulted from persistent requests on the part of the ex-wife’s accountants to the HSE regarding payments her former partner was obliged to make following court orders.

The HSE offered a letter of apology to their employee but he chose to reject the offer, instead requesting a formal judgement from the DPC, which was duly made in his favour.

Other cases that the commissioner was obliged to deal with included:

  • Dun Laoghaire Rathdown County Council accidentally disclosing a private email address to third parties in April 2014
  • Eircom failing to meet the statutory timeframe (40 days) for processing an access request in September 2013
  • Private data of a large number of third level students (including email addresses and passwords) being found on third party websites in 2010

dixon2 Source: YouTube

In introducing the report Dixon, who took over the DPC role from Billy Hawkes last September, said that “data protection is, you will be unsurprised if I tell you, a very fast-moving field”.

2014 saw almost a 43% increase in the number of data breaches notified to the DPC from 1,583 in 2013 to 2,264.

Dixon maintains that her office is in a “stronger-than-ever position to continue, in Ireland and beyond, helping to shape the data-protection environment and ensuring proper compliance with the relevant laws”.

Audits of an Garda Síochána and a number of private investigators were among the official duties performed by the DPC in 2014, while one of the most significant challenges they faced was the controversy surrounding Irish Water and its accumulation of customer’s PPS numbers.

Read: Facebook can recognise you in photos even if it can’t see your face

Read: Parents registering their kids for GP care were shown other people’s details

  • Share on Facebook
  • Email this article
  •  

Read next:

COMMENTS (15)