National Haemophilia System

The National Haemophilia System provides an accurate and up to date Electronic Health Record (EHR) for all haemophilia patients and patients with other blood and clotting disorders in Ireland.

The treatment of haemophilia patients and patients with other blood and clotting disorders is provided by the HSE through a combination of HSE managed hospitals and Voluntary hospitals. Patients receive their treatment through three comprehensive care centres and a haemophilia treatment centre which are located at Cork University Hospital, Galway University Hospital, St. James’s Hospital Dublin, and Children’s Hospital Ireland (CHI) at Crumlin.

The HSE is responsible for the provision of medical treatment and care in public hospitals throughout Ireland. The HSE (through Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin are jointly responsible for management and operation of the National Haemophilia System.

The National Haemophilia System will collect and process the following information

• Personal details such as name, address, date of birth, contact telephone number, next of kin etc.
• The patients General Practitioners (GP) name, address and contact telephone number.
• Data concerning the patient’s health and lifestyle.
• Data concerning any relevant medical treatment and care the patient may have received in the past.
• List of prescribed and un-prescribed medications which a patient is currently using and/or was using

The National Haemophilia System will use the information collected about each patient for the following purposes:

• To help plan & provide patients treatment & care 
• To communicate with patients during their treatment & care 
• To record the patients treatment & care 
• To ensure appropriate information is available if a patient needs to be referred to another health care professional or to another part of the health service 
• To ensure a patient’s concerns can be properly investigated if a complaint is raised. 
• To help train and teach healthcare students and staff

Summary information may also be used in an aggregate form for the following purposes: 

• To help plan and assess current services 
• To help plan services for the future
• For statistical purposes 
• For quality assurance programmes

A patient’s information will only be available to others on a strict “need to know” basis. For example, the health care professionals and the administrative staff within the hospital which are providing a patient’s treatment and care will have access to the patient’s information. However in certain situations a patient’s information may be shared with other health care professionals and staff from other health care facilities, or other parties, for example:

• Referrals: When a patient is transferred from one hospital to another hospital or
  another type of healthcare facility.
• Second opinion: The health care professionals providing a patient’s treatment and care
  may wish to seek advice regarding the patient’s treatment from other more senior
  health care professionals based at another hospital or healthcare facility.
• After care: As part of a patient’s treatment and care, the patient may need support at
  home, such as a visit from a public health nurse or social worker.
• Discharge notifications: The patient’s General Practitioner (GP) will receive a summary of
  the patient’s treatment and care.
• Notifiable diseases: Under the Infectious Diseases Regulations 1981, and subsequent
  amendments, we are legally required to notify the Health Protection Surveillance Centre
  if a patient is diagnosed with a notifiable infectious disease.
• Private Health Insurance: In the case of private patients, we can share relevant
  information about the patient with the patient’s health insurance provider so we can get
  paid for the patient’s treatment and care.
• Order of a Court: We can share your information in response to a court order or a
  subpoena.

Yes, the HSE (through Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin are legally obligated under the Data Protection Acts and the EU General Data Protection Regulation (GDPR) to ensure all personal data collected about its patient’s is kept private and confidential.

In order to comply with their legal obligations Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin have implemented a series of human, organisational and technological controls to protect all information stored on the National Haemophilia System.

A patient’s information will only be kept on the National Haemophilia System for as long as is legally necessary. The legal retention period for the different types of medical records is published within the HSE Record Retention Policy and a copy of this Policy is published on the HSE website.

All Health Research undertaken using information stored on National Haemophilia System will be carried out in accordance with the Data Protection Act 2018 (Section 36(2)) (Health Research) Regulations 2018

In accordance with the Data Protection Act 2018 (Section 36(2)) (Health Research) Regulations 2018, in most circumstances any proposed Health Research being undertaken using your personal data will require your explicit consent.

Under the EU General Data Protection Regulation (GDPR) you have the following rights:

• Right of access – you have the right to request a copy of the information that we hold about you.
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
• Right to restriction of processing – where certain conditions apply, you have a right to restrict the processing of your information. MP-TheNCC-120 National Haemophilia System Patient Information Leaflet, Version 3, Oct, 2019 Page 5 of 5
• Right of portability – where certain conditions apply, you have the right to have the information we hold about you transferred to another organisation.

If you wish to exercise any of these rights, you can submit a Subject Access Request (SAR), to the following Data Protection Officer (DPO) in the hospital where you are receiving your treatment and care:

Cork University Hospital
HSE Data Protection Officer (DPO)
dpo@hse.ie

Galway University Hospital
HSE Data Protection Officer (DPO)
dpo@hse.ie

St. James Hospital
St James’s Hospital Data Protection Officer (DPO)
dataprotection@stjames.ie

Children’s Hospital Ireland (CHI) at Crumlin
CHI@Crumlin Data Protection Officer (DPO)
dpo@olchc.ie

When submitting a SAR, the hospital may need information from you to confirm your identity. Once your identity has been confirmed, the hospital will supply you with your information free of charge, however, as permissible by law we may charge a reasonable fee if we believe your request is clearly unfounded, excessive or repetitive.

In the event that the hospital refuses your request under rights of access, the hospital will provide you with a reason as to why they have refused your request. You will then have the right to make a complaint to the Data Protection Commission (DPC)

In the event that you wish to make a complaint about how your personal data is being processed by the hospitals, or how your SAR has been handled, you have the right to lodge a complaint directly with the Data Protection Commission (DPC) at www.dataprivacy.ie