Region Syddanmark has reported distribution company Dao to Denmark’s Data Protection Agency, Datatilsynet. This follows incidents in week six when several hospitals in southern Denmark discovered that Dao had left sacks of mail in publicly accessible areas. According to a press release from the region, this violates their delivery agreements, which require secure handover using access cards to non-public locations. Kurt Espersen, director of Region Syddanmark, stated it is unacceptable that Dao failed to meet these terms. He emphasized that dropping mail in unstaffed hospital lobbies over weekends poses serious risks. Some of the misplaced items included citizens’ diagnostic test results, containing sensitive health data, leading to discarded samples and potential breaches of personal data security. While there is no evidence yet that any data was misused, the risk prompted the formal report. In notifying Datatilsynet, Region Syddanmark has summoned Dao’s top management for an urgent meeting. Espersen said they aim to resolve the delivery issues once and for all. Until then, hospitals have implemented temporary measures, including staff conducting scheduled mail pickups at previously affected drop-off points. Espersen acknowledged the added burden on already stretched healthcare workers but stressed that patient and data safety leave no alternative.
Read more: Region Reports Dao Over Sensitive Mail Left in Public Areas.
Read more: Region Syddanmark Reports Mail Carrier Over Privacy Breach.