Damien English (Meath West, Fine Gael)
Link to this: Individually | In context

Question 288: To ask the Minister for Health and Children if her attention has been drawn to contracts that have been signed for storage outside the State of medical files from hospitals here; if so, the nature of the data that is being stored or that will be stored outside the State; if personal details of citizens are included in such data; the practicalities of ease of access to such data being stored outside the State; if it is her policy to do so; and if she will make a statement on the matter. [37189/09]

Mary Harney (Dublin Mid West, Independent)
Link to this: Individually | In context

The management of medical records, including their storage within or outside the State, must currently comply with the Data Protection Acts 1988 and 2003. Those Acts apply to all personal information. All bodies in Ireland who control and process personal data are obliged under the Data Protection Acts to register with the Data Commissioner and to abide by the rules of Data Protection in accordance with the Acts. The Health Service Executive (HSE) is registered as four separate data controllers/processors, (i) HSE South, (ii) HSE Dublin Mid-Leinster, (iii) HSE Dublin North-East and (iv) HSE West.

The Health Information Bill which is currently being drafted will introduce a specific statutory regime for the collection, use, disclosure, storage and transfer of personal health information which persons and bodies holding such information will be required to adhere to.

The specific issues raised have been referred by my Department to the HSE for direct reply.