The National Haemophilia System provides an accurate and up to date Electronic Health Record (EHR) for all haemophilia patients and patients with other blood and clotting disorders in Ireland.
The treatment of haemophilia patients and patients with other blood and clotting disorders is provided by the HSE through a combination of HSE managed hospitals and Voluntary hospitals. Patients receive their treatment through three comprehensive care centres and a haemophilia treatment centre which are located at Cork University Hospital, Galway University Hospital, St. James’s Hospital Dublin, and Children’s Hospital Ireland (CHI) at Crumlin.
The HSE is responsible for the provision of medical treatment and care in public hospitals throughout Ireland. The HSE (through Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin are jointly responsible for management and operation of the National Haemophilia System.
The National Haemophilia System will collect and process the following information
The National Haemophilia System will use the information collected about each patient for the following purposes:
Summary information may also be used in an aggregate form for the following purposes:
A patient’s information will only be available to others on a strict “need to know” basis. For example, the health care professionals and the administrative staff within the hospital which are providing a patient’s treatment and care will have access to the patient’s information. However in certain situations a patient’s information may be shared with other health care professionals and staff from other health care facilities, or other parties, for example:
Yes, the HSE (through Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin are legally obligated under the Data Protection Acts and the EU General Data Protection Regulation (GDPR) to ensure all personal data collected about its patient’s is kept private and confidential.
In order to comply with their legal obligations Galway University Hospital and Cork University Hospital), St James’s Hospital and Children’s Hospital Ireland (CHI) at Crumlin have implemented a series of human, organisational and technological controls to protect all information stored on the National Haemophilia System.
A patient’s information will only be kept on the National Haemophilia System for as long as is legally necessary. The legal retention period for the different types of medical records is published within the HSE Record Retention Policy and a copy of this Policy is published on the HSE website.
All Health Research undertaken using information stored on National Haemophilia System will be carried out in accordance with the Data Protection Act 2018 (Section 36(2)) (Health Research) Regulations 2018
In accordance with the Data Protection Act 2018 (Section 36(2)) (Health Research) Regulations 2018, in most circumstances any proposed Health Research being undertaken using your personal data will require your explicit consent.
Under the EU General Data Protection Regulation (GDPR) you have the following rights:
If you wish to exercise any of these rights, you can submit a Subject Access Request (SAR), to the following Data Protection Officer (DPO) in the hospital where you are receiving your treatment and care:
Cork University Hospital
HSE Data Protection Officer (DPO)
dpo@hse.ie
Galway University Hospital
HSE Data Protection Officer (DPO)
dpo@hse.ie
St. James Hospital
St James’s Hospital Data Protection Officer (DPO)
dataprotection@stjames.ie
Children’s Hospital Ireland (CHI) at Crumlin
CHI@Crumlin Data Protection Officer (DPO)
dpo@olchc.ie
When submitting a SAR, the hospital may need information from you to confirm your identity. Once your identity has been confirmed, the hospital will supply you with your information free of charge, however, as permissible by law we may charge a reasonable fee if we believe your request is clearly unfounded, excessive or repetitive.
In the event that the hospital refuses your request under rights of access, the hospital will provide you with a reason as to why they have refused your request. You will then have the right to make a complaint to the Data Protection Commission (DPC)
In the event that you wish to make a complaint about how your personal data is being processed by the hospitals, or how your SAR has been handled, you have the right to lodge a complaint directly with the Data Protection Commission (DPC) at www.dataprivacy.ie