Part (d) answer

The patiant has the right to see their personal data, this also ensures that it is correct because if it isn’t then the patient will raise the issue to the data holders.
There is also the fact that if the patient is not able to see his/her own details then he/she has a risk of being given the wrong treatment or medicine, which could turn out to be a serious issue.
To expand and conclude these issues, patients should be allowed and able to view their personal details to minimize the risk of getting the wrong treatment and/or medicine.
However if the patient is able to do this, they will need to be able to edit the data, therefore there will be a security factor in the database so the use of passwords and usernames will be needed, this will be time consuming and there would probably be cost involved.

Second policy
Secondly, personal data should not be shared with anyone unless permission has been asked from the patient that the information is about. This policy is required so the data is protected of each individual and is not access, changed or misused by any unauthorized member. It is a privacy issue because the patients do not know who will be accessing there data and if anyone else has access to it. There could be information that may be confidential between a doctor and a patient which other people are not meant to know. If people do access it that have no authorization they may misuse the data or change it. The data may not be reliable if many people have access to it and change it giving wrong information to future doctors who check it and that may risk patient’s life. Patients themselves may not have right sot change any of their data or they may only be allowed to change a bit but even doctors cannot change it unless the previous information is wrong or not up to date. It will not be up to date. They could implement passwords or methods of logging to access the data or parts of it depending on how much authorization hey have to access it. An advantage though of this policy is confidential information an be kept between doctors and the patient and no one will be bale to have access of it. A disadvantage is that due to it being confidential and if in an emergency someone else has to access the data they will have to go through long procedures of asking permission to access the data which can be very time consuming. An a example of this disadvantage can be seen by if a relative of a patient who is in an emergency situation needs to look up something about their past medical history they will not be able to do that unless they get permission from certain authorities which may risk a patient’s life. Therefore information shouldn’t be shared with third parties or anyone else part of the medical institution as it may cause the data to be misused, passed around or even sold to others. The solution to this is to had passwords to protect all the medical information and give access to authorized users so the information is confidential. Patients can also give a list of family members who can access their medical information in times of emergencies.

To conclude, privacy of the data is the main issue, and the issue of who has the right to view the data is a policy which should be addressed. Without a policy addressing privacy, then the data would be let out and the patient's personal data could be damaged. The image of the hospital would also be damaged as there is no security for the patients.