3. (a)
The management team of Mauchly Hospital have been reviewing the expense in the back-up of medical records associated with patients. The medical records largely comprise of multiple standard forms and letters for each individual patient. Consequently, multiple forms and letters have small changes between them. A typical example is that of an appointment letter where only the address and name are altered for each patient.
Mauchly Hospital require a more efficient approach to storage of back-up medical records for patients. The current back-up solution maintains a complete duplicate for each patient. The management want to make efficient use of infrastructure and avoid storage of redundant data and reduce the flow of data over their internal network.
Devise and describe an appropriate solution that reduces redundant data in the given context.
[8]
The management team are concerned about threats to patient privacy that may arise from changes to internal back-up infrastructure.
Identify a potential attack that may compromise patient privacy for the proposed solution in (a) and argue for an appropriate solution to the attack.
[6]
The management team are concerned that any sophisticated solution to reducing redundant data may hamper the organisation to comply with aspects of data protection and privacy. They are particularly concerned about the right of an individual to have their data deleted.
Outline how the proposed solution in (a) may be perceived as in conflict with the right of data subjects to be forgotten. Argue how the solution would not conflict with the right to be forgotten.
[6]
