The health watchdog has had 22 data breaches since the beginning of last year.
Three were reported to the Data Protection Commissioner - with one deemed to be a 'high risk'.
According to documents released to Newstalk under the Freedom of Information Act, HIQA has had 32 suspected data breaches since January 2019.
22 were deemed to be actual breaches and ten were described as 'near misses'.
Three were reported to the Data Protection Commissioner.
In a high-risk breach, an inspection report was published online containing information about an employee at the centre.
It related to their performance in their role and while not named, the staff member was easily identifiable.
In another case, a HIQA employee's email account was hacked - access was gained for several hours and spam-type emails were sent.
The other incident reported to the commissioner involved a payslip sent to the wrong recipient.
Responding to the figures, Stephen McMahon from the Irish Patients Association said: "It's important now that HIQA takes measures to ensure that no employees email accounts get hacked.
"It's important to learn from the other examples of breaches in data protection that were not necessarily reported to the Data Protection Commissioner."
HIQA says it takes its responsibilities under GDPR very seriously and has procedures in place to ensure it complies with data-protection obligations.