Data Leak Investigation at Tallaght University Hospital Involves CHI Healthcare Group
In a recent development, the Data Protection Commission (DPC) of Ireland has initiated an inquiry into Children's Health Ireland (CHI) regarding the physical safety and security of children's personal health records at the CHI facility on the Tallaght University Hospital (TUH) campus.
The investigation stems from concerns about the security of the CHI facility, where hundreds of children's patient records are stored. It was reported that the room was not locked and could be easily accessed by anyone within the building. This potential breach was first brought to the attention of the DPC by multiple sources.
The DPC became aware of potential issues at the site from various sources of information. After reviewing the information, the DPC conducted an unannounced site inspection on 16 July. The site inspection confirmed data-protection issues in relation to patient records at the CHI facility.
CHI, in cooperation with the DPC, is working to address these concerns. The organisation prioritises the protection of patient information and ensuring all personal data is handled in accordance with legal obligations. The breach was also reported by CHI in a breach notification.
The DPC's inquiry will focus on CHI's compliance with GDPR obligations, particularly in regards to the security of personal data and the management of physical records at CHI (Tallaght).
While there is no specific timeline for the conclusion of the investigation, it could potentially be concluded more quickly than usual due to the urgency and seriousness of the matter.
This investigation into CHI is part of a broader regulatory environment focusing on protecting sensitive personal data, including that of children. Ireland's Data Protection Commission actively investigates data privacy breaches involving major entities, such as its ongoing inquiries into Meta Platforms Ireland Limited for GDPR infractions.
There is a history of significant concerns about data security and breaches within the Irish Health Service Executive (HSE) and related health and child welfare bodies. This includes the 2021 major ransomware attack impacting HSE systems and the Child and Family Agency (Tusla), which affected access to childcare and protection records.
A Commission of Investigation was established in 2025 to investigate handling of historical child sexual abuse in schools, indicating broader government scrutiny of child welfare institutions. Although this isn’t directly connected to CHI Tallaght, it reflects the context of heightened oversight concerning children's records and data protection.
For the most current and detailed information on this issue, it would be advisable to consult official DPC press releases, Children's Health Ireland announcements, or government communications directly, as these sources would report any formal investigations, timelines, findings, or remediation efforts related to data security concerns at the Tallaght facility.
Read also:
- Weekly happenings in the German Federal Parliament (Bundestag)
- Southwest region's most popular posts, accompanied by an inquiry:
- Discussion between Putin and Trump in Alaska could potentially overshadow Ukraine's concerns
- Massive 8.8 earthquake hits off the coast of Russia's Kamchatka Peninsula, prompting Japan to issue a tsunami alert.
