Date | November 2018 | Marks available | 8 | Reference code | 18N.1.SL.TZ0.1 |
Level | SL | Paper | 1 | Time zone | no time zone |
Command term | Evaluate | Question number | 1 | Adapted from | N/A |
Question
Google health care data
Google is developing an app to assist hospitals in monitoring kidney disease in patients. To develop this app, Google has signed an agreement with the UK’s National Health Service (NHS) that will give Google access to data on over one and a half million patients held in the NHS database.
The database includes health-related data as well as personal data, some of which is sensitive.
Google plans to use data analytics techniques and artificial neural networks (ANNs) to analyse the data and provide information that can be used to improve the app. Once the app has been developed, it will be provided to the NHS.
Identify two items of health-related data that could be used to improve the treatment of patients.
Identify two reasons why organizations like the NHS would use data analytics.
Identify two reasons why NHS records are stored in a database rather than in a spreadsheet.
The agreement between Google and the NHS includes policies for the collection, storage and sharing of patient data.
Explain why it is important that the agreement between Google and the NHS includes policies for the collection, storage and sharing of patient data.
Evaluate the decision by the NHS to share patient data with Google.
Markscheme
Answers may include:
- Age
- Weight
- Heartbeat pattern
- Blood pressure
- Blood type
- Breathing rate
- Blood oxygen concentration
- Body temperature
- Allergies
- Pre-existing medical conditions
- Sex
Award [1] for identifying each item of health-related data that could be used to improve the treatment of patients up to a maximum of [2].
Answers may include:
- To determine data trends and patterns (in large data sets).
- To provide information to organizations like health providers for future strategic decisions.
Award [1] for identifying each reason why organizations such as the NHS would use up to maximum of [2].
Answers may include:
Reasons to not use spreadsheets:
- Spreadsheets cannot accommodate very large data sets / only have 105 000 rows.
- Spreadsheets are designed to perform calculations.
- Spreadsheets do everything in memory, so any unsaved data can be lost if the system crashes.
Reasons to use a database:
- Databases generally have more intuitive user interfaces.
- Complex queries can be set up and applied to the data set.
- Reports can be generated.
- A DBMS (database management system) usually has security features to keep the data safe.
- Data is written to disc immediately.
- Related data tables can be linked.
- Databases reduce data redundancy.
Award [1] for identifying each reason why NHS records are stored in a database rather than a spreadsheet up to maximum of [2].
Answers may include:
A policy is required for collection:
- so that only the relevant information is collected (with such a large data set, large amounts of data could be collected, much of which are not relevant)
- so that it is made clear to the data subjects/patients the purpose of collecting the data is / what data will be collected
- so that it is clear who is responsible for collecting the data
- so that it is clear how the data will be collected
- to ensure that only the information of patients who have consented to the use of their data is collected or that they have a way to opt out of their data being used
- so that the accuracy of the data collection can be ensured
- to ensure that the data is collected consistently.
A policy is required for storage:
- to ensure that data is stored securely
- to make it clear who is responsible for the security of data storage
- to make it clear who should be accountable for the security of the data
- to make it clear where the data is stored (it is likely that most of it is confidential)
- to make it clear who has access to the data
- to ensure that data is stored in an accessible manner for authorized users
- to make it clear that data storage will comply with the law
- to make it clear how the data will be stored
- to make it clear how long the data can be stored.
A policy is required for sharing:
- so that it is clearly identified with whom the data will be shared
- to make it clear how the data will be shared (will they be safe during the transmission?)
- to make it clear what happens to the data once it is shared
- to make it clear for what purpose the data will be shared (it is likely that a large part of the data linked to patients is confidential).
N.B.: The response requires an explanation of why a policy is required rather than discussion of what is included in the policy. There must be an explanation for why each policy is required.
Award [1] for identifying why a policy for the collection, storage and sharing of patient data is required and [1] for a development of the explanation up to a maximum of [2].
Mark as [2] + [2] + [2].
Answers may include:
Reasons for sharing the patient data with Google:
- Google may have access to data analytics tools that can interrogate the data far more effectively than the NHS data analytics systems.
- Google may provide additional IT expertise that the NHS can use.
- Google may be able to provide additional health-related data/information.
- Google may be able to integrate this NHS data with existing applications, such as Google Maps, to provide meaningful visual data / Google may provide additional resources such as data visualization tools (systems).
- Data can be analysed against other data sets.
Reasons for not sharing the patient data with Google:
- There may be no way of knowing which other third parties Google is sharing the NHS information with (security, values).
- The NHS may find that the patient data becomes integrated onto Google’s tools so that they cannot extricate themselves from the contract (power, values).
- The NHS may find as part of the agreement that Google imposes conditions that may mean the data is not used in an optimal manner, or not used for the purposes it was intended (values).
- Once the data is shared, it is hard to guarantee that is deleted when it is no longer needed.
- Patient privacy is a concern. Is data anonymized and does Google have sufficient security measures in place (values)?
- Rejection of patients’ consent to share their data with Google (values).
In part (c) of this question it is expected there will be a balance between the terminology related to digital systems and the terminology related to social and ethical impacts.
Keywords: health, data, patient, analytics, privacy, anonymity, security, change, power, systems, values, ethics
Refer to SL/HL paper 1, part c markbands when awarding marks. These can be found under the "Your tests" tab > supplemental materials > Digital society markbands and guidance document