Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

DPA/PA Images

HSE hack: A sensitive Tusla database dealing with child protection cases can't be accessed

The Tusla database holds information on current and previous child care cases.

LAST UPDATE | 21 May 2021

CHILD PROTECTION WORK by Tusla has been hugely hampered by the HSE cyber-attack as a database used to manage cases has been hit.

The National Childcare Information System (NCCIS) looks after child protection and welfare cases across the country.

Multiple sources have told The Journal that the hack has caused a halt to work as social workers, administrative staff and management cannot access critical data files.

Sources say the files – which include records of children in care, court outcomes, social work files dealing with children and child abuse cases – have all been encrypted and cannot be accessed.

One source with direct knowledge of the situation said that senior management in Tusla had been contacting staff about the problem in recent days.  

It is believed that the fostering department is the only department not affected as it operates off a different system.

“This is causing particular concerns because of the sensitivity of the records but also just the sheer scale of it.

“The database took years to come into effect because it contained so much information, and Tusla has been paperless for the last few years because everything goes in the database. They are crippled without it,” a separate source involved in investigating the issue said. 

In a statement this evening, CEO of Tusla, Bernard Gloster spoke about the challenges caused by the hack.

“We have many files and databases on the HSE network and all of these are unavailable to us at this time,” said Gloster.

“While there is no doubt that our staff are challenged by the current situation, teams around the country have a vast array of professional knowledge and that, coupled with manual systems ensures we are able to continue to prioritise our immediate Child Protection and Children in Care services.”

Sources have said that there has been a direct impact on open case files of individual children who are currently in need of Tusla’s help.

“There is no way to track children in care or know their histories. There are real concerns that there is potential that the most sensitive of cases, that of child sexual abuse, can be found out if it is leaked online,” another source added.

Another source, who is involved in liaising with Tusla on child protection issues, said that urgent referrals by gardaí under the Child Care Act who find children at risk may also be impacted.

“This comes under section 12 of the act. The garda interactions with these children will be recorded on PULSE but there is a problem with the follow up then for social workers accessing their information.

“It will just all have to be done with a pen and paper,” the source added.

On cases that are currently before the courts, Gloster says Tusla is working with legal representatives and the court service to ensure that no child subject to court proceedings will be negatively impacted.

Tusla database

Gloster confirmed that the database was contained within the cyber attack but said that there was no evidence that the information on the server had been stolen.

Gloster has said that he is continually receiving assuring updates that the information has not been stolen “however it is too early to be definitive”.

“The National Childcare Information System (NCCIS) remains unavailable and at this point it is not possible to indicate for how long more this will be the case,” said a spokesperson for Tusla.

“The NCCIS is operated by Tusla, however the majority of Tusla databases and operating systems are hosted on the HSE network as our provider of ICT shared services and recognising that Tusla has its origins in the HSE.

“It is not possible to be definitive as to whether any of the data held on the NCCIS been compromised as a number of investigations and processes are underway in the HSE and Tusla to determine the impact on all systems, including NCCIS.

“At this point there is no evidence of NCCIS information theft.  We are continuing to examine the risks and challenges to all of our operating systems and databases,” the spokesperson said.

According to Gloster, Tusla is continuing to ensure that important payments are made as soon as possible, including payments of aftercare allowances to care leavers, foster care payments, as well as payments to providers and staff.

There are currently manual workarounds being put in place to ensure payments are made.

Additional reporting by Christine Bohan and Tadgh McNally.

On this week’s episode of The Explainer we look at the impact of the HSE cyber hack:


The Explainer / SoundCloud

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
28 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds