Shortcomings in healthcare data system identified in Hiqa report

Watchdog says HSE must implement nine recommendations on database used for health planning

Data from HIPE is used in research, including to compile data on drug and alcohol-related hospital admissions. Photograph: iStock
Data from HIPE is used in research, including to compile data on drug and alcohol-related hospital admissions. Photograph: iStock

A series of shortcomings, including potential privacy issues, have been identified in the main health information system used in Ireland to inform healthcare planning, delivery and funding.

A review of the Hospital In-patient Enquiry (HIPE) system by the health standards watchdog said the issues with the governance structures had the potential to impact on its crucial role in healthcare planning.

The system collects demographic, clinical and administrative information on discharges and deaths from all acute hospitals, reporting on over 1.7 million inpatient and day case records annually.

Data from HIPE is used in research, including to compile data on drug and alcohol-related hospital admissions and deaths and on psychiatric admissions.

READ MORE

The Health Information and Quality Authority (Hiqa) undertook the review in order to assess compliance with the information management standards for national health and social care data.

In particular, the review found that there are “no national oversight structures and arrangements in place for the governance, leadership and management of HIPE at a senior level within the HSE”.

Recommendations

Hiqa makes nine recommendations, including that “necessary arrangements” to meet new legal obligations under European data protection law should be implemented.

It added that, as outlined in the General Data Protection Regulation, the office responsible within the HSE “should clearly outline the circumstances in which it is necessary to seek specific consent for using data beyond the purposes for which the data was collected”.

It said the office should also undertake a review to assess the need for a data protection impact assessment, which was a mandatory requirement, particularly in light of “data sharing practices” and the impact of the forthcoming introduction of individual health identifiers.

Rachel Flynn, Hiqa’s director of health information and standards, said: “The review found shortcomings in governance structures at HIPE that have the potential to impact on its crucial role in healthcare planning and funding. To ensure that HIPE can fulfil its essential role, it is important that the HSE implements the nine recommendations made by Hiqa today.”

Ms Flynn said complying with the information management standards would improve the quality of national health information and data, “which will ultimately contribute to the delivery of safe and reliable health and social care in Ireland”.

HIPE was established as a pilot project in 1969 and was rolled out to all acute public hospitals in the 1970s.

The information system was transferred from the Economic and Social Research Institute (ESRI) to the HSE in 2014.

Data governance consultant Daragh O’Brien of the Dublin firm Castlebridge, said the report should be considered a “timely warning not just for HIPE, but for a range of other e-health initiatives”.