The Data Protection Commissioner has confirmed that he has received a preliminary verbal report from Tallaght Hospital concerning a potential data security breach.

The telephone report to the Commissioner was made by the hospital yesterday evening, after a series of questions were put to the hospital by RTÉ News.

Those questions concerned the supply of medical records to a private firm, so that patient medical reports and GP letters can be typed up and returned to the hospital.

Some of the patient details were sent by the private firm to its offices in the Philippines to be transcribed and then returned to Ireland.

It is understood that medical data relating to thousands of patients were sent to the firm.

Deputy Data Protection Commissioner Gary Davis said he expects to receive a written report from Tallaght Hospital on Monday or Tuesday.

He said that on foot of receipt of the report, a visit to the hospital was likely.

Mr Davis said the Tallaght matter had still to be examined but that patients who give confidential information expect it will be held securely and not fall into the hands of third parties.

He said patients need to be assured of confidentiality, so they can give information to doctors.

Tallaght Hospital has promised to supply a written report to the Data Protection Commissioner on the practice at the hospital.

As yet, the hospital has not responded to questions put to it by RTÉ News yesterday and it is still unclear if the hospital has informed any patients of a potential breach of security.

The service was provided by a company with offices in Dublin and according to its website it is Data Protection compliant.

The company encrypts the contents of the correspondence and no patient identifiers are used.

Last year, the hospital was the subject of an independent inquiry into over 50,000 unread X-rays and unprocessed GP referral letters.

Its Emergency Department is currently the subject of an investigation by the Health Information and Quality Authority.