Information in the form of data is at the core of the Health Service Executive’s (HSE) activities. The security and privacy of this data, especially patient and client personal data, is of the upmost importance to the HSE. In order to maintain public confidence in the HSE and the delivery of our services to the public, the HSE and its staff, agents, representatives, contractors and data processors must ensure they process and protect this data in accordance with the relevant legislation and the HSE’s policies, procedures and guidelines.
Privacy Impact Assessment for the Individual Health Identifier
A privacy impact assessment examines the measures that need to be put in place to protect your personal information. Privacy Impact Assessments are particularly important in health and social care settings.
Click here for the IHI Privacy Impact Assessment
Public Consultation on the IHI Privacy Impact Assessment
A public consultation on the PIA was undertaken to help us ascertain if we had identified sufficient safeguards to protect patient privacy.
Check out the animation below or the infographic for further detail.
IHI Service Data Protection Policy
In 2014, the Health Identifiers Act was enacted and this allowed for the creation and operation of a unique Individual Health Identifier (IHI) for any person using a health or social care service in Ireland and the establishment of a national IHI register. The Minister for Health delegated the authority to establish and operate the IHI to the HSE and the HSE IHI Business Service is responsible for this. As the IHI includes an individual’s personal data, the HSE is legally required to ensure that all personal data is processed in accordance with the Health Identifiers Act, the Data Protection Acts, GDPR and other statutory and legal obligations.
The IHI Service Data Protection Policy aims to provide clear guidance and instruction to HSE staff, agents, representatives, contractors and data processors on the appropriate, safe and legal way in which they can make use of the information stored on the IHI register.
Memorandum of Agreement
On November 8th 2016, a Memorandum of Agreement was signed with the Department of Social Protection for the provision of Public Service Identify Records for the population and maintenance of the IHI Register allowing for the population of the IHI Register with approximately 6.2 million records for known residents of Ireland. A revised Data Sharing Agreement was signed with the Department of Employment Affairs and Social Protection in 2019.
On receipt of the data from the Department of Employment Affairs and Social Protection, the HSE will become responsible for the personal data which it has received, i.e. it is the data controller for information received from that point.