User interface language: English | Español

Date May 2018 Marks available 6 Reference code 18M.1.SL.TZ0.10
Level SL Paper 1 Time zone no time zone
Command term Discuss Question number 10 Adapted from N/A

Question

A medical centre uses a computer system to manage both patients’ data and appointments. This system, which is used by the doctors, nurses and secretaries, has two unordered files: a patients’ file and an appointments’ file, both of which can only be accessed sequentially.

Every evening the following processing takes place:

Outline the pseudocode that the processing must follow when the system sends out the text reminders.

[5]
a.

Describe two different methods that the medical centre could use that would allow data to be restored should it be lost for any reason.

[4]
b.

The medical centre is concerned about the privacy of the data it is storing and has to make decisions concerning:

Discuss the issues that should be considered before making these decisions.

[6]
c.

Markscheme

Award marks for a response which indicates the logical steps that have to be followed.

Award [5 max] as follows:
Iterate through the appointments file;
Check for correct day;
Repeat for each appointment on that day;
Using the patient ID for that appointment;
Iterate through the patients file until record for that ID found;
Retrieve phone number and send out SMS;

Example:

Note: Candidates are not requested to construct the (algorithm in) pseudocode.

a.

Award [1] for method and [1] for description – only accept TWO methods.
Mark as [2] and [2].

Backup;
Data files on a regular basis;

Printed copies;
Printouts can be kept of transactions;

Transaction Log file;
Written for each transaction can be used to restore;

Accept any reasonable methods described including second server and cloud use.

b.

There are 2 possible issues here: who has what level of access to the data in the hospital and whether storing in the cloud is safer than storing locally.

For each of these 2 issues award [3 max] as follows:
Award [1] for identifying the issue.
Award [1] for some valid development of the issue.
Award [1] for a suitable discussion.

Example answers could include reference to the following but this is not an exclusive list. Award marks for any two reasonable issues discussed – one of which is access and the other security.

Official access to the data [3 max]:
Access to this sensitive data must be restricted.
Only those directly concerned can be able to access it.
Even less people should be able to edit it.
Therefore access levels should be set up, with strong levels of authentication.
Physical access to servers should be controlled if using the local system;

Data security [3 max]:
Is the data safer stored locally or on the cloud?
Cloud service providers are professionals – they should have stronger security than a hospital system.
What track record / reputation does the cloud service provider have?
If patient data could be sold/inspected, then both the patient and hospital could suffer serious consequences.
Is the cloud governed by appropriate privacy laws?
Is it located internationally or is it governed by the laws of the country in question?
Could be intercepted in transmission;

c.

Examiners report

[N/A]
a.
[N/A]
b.
[N/A]
c.

Syllabus sections

Topic 1: System fundamentals » 1.2 System design basics
Show 29 related questions
Topic 1: System fundamentals

View options