THE HSE HAS confirmed that data from at least 520 patients has appeared online.
Late week the Financial Times reported that it had seen screenshots and files proving that medical and personal information belonging to HSE patients had been shared online.
The HSE shut down its IT systems a fortnight ago after it became aware of a significant ransomware attack, with widespread disruption across the health service as a result.
The Financial Times story appeared to be the first confirmation of a data leak since the attack.
The Minister for Heath subsequently confirmed that the leak was genuine and the HSE has now said that it includes “sensitive patient data” and other documents.
“Recently a news publication wrote a story saying they had seen HSE data that had been illegally accessed. We informed the publication of the court order we obtained in relation to this matter last week and asked them to supply it to us, and they agreed,” the HSE said in a statement.
We have examined it and can confirm it is HSE data relating to approx 520 patients, as well as some corporate documents. The data includes sensitive patient data, minutes of meetings and correspondence with patients.The HSE’s Data Protection Office has followed the appropriate procedures, including notifying the relevant health service providers and the Data Protection Commission.The process of notifying the patients involved has commenced. This will involve some further analysis of the data, and we will do this as quickly as possible.
“This data was the initial small tranche of data that was previously reported on, and we are not aware of any further attempted publication of our data. We apologise for the inconvenience caused to our patients and service users.”
An Garda Síochána is investigating the hack as a criminal matter and the HSE says it is working with with gardaí.
To embed this post, copy the code below on your site
have your say