HSE logged 2,000 data breaches last year including more than 1,000 relating to Covid-19 vaccination certificates

The HSE reported more than 2,000 data breaches last year including almost 1,050 where Covid-19 vaccination certificates were sent to the wrong person.

Other incidents notified by the health services including the discovery of patient lists outside a public premises in Donegal and on the grounds of a hospital in Galway.

In June, a breach was reported where a third party had accessed data related to Covid-19 testing in “an unauthorised manner”.

There were also dozens of cases where appointment letters were sent to the wrong person or to the wrong address or email account, according to records released under FOI.

Missing files were also reported on numerous occasions as was one case where a car was broken into and an “appointment book disturbed”.

In Galway, old patient medical charts were accessed by a third party who had entered a derelict property in the county.

Another case involving a disability service in Co Clare saw the personal information of a service user shared with their ex-partner.

In Limerick, a patient chart was located by a member of the public in June while in one breach, the incorrect results of interview ratings in a job competition were disclosed to third parties.

There were also deliberate breaches reported including one in the west of the country where an employee “intentionally accessed [the] medical records of [a] colleague”.