LESSON XIV

Lesson Title: ETHICS, PRIVACY, AND SECURITY

Essay

Name of Student Marfa, Mwen Andraea Fiona V.

Year and Section 2E-MT

Name of Instructor Mr. Jiovanni Diaz

Date Submitted December 4, 2019

Rating

Answer the following questions in 150 words or more.

1. Aside from those listed in the HIS and LIS table, what changes would you like to
recommend to improve the physical safeguards that are implemented in your
hospital?

I would recommend the installation of CCTV as it is a TV system in which

signals are not publicly distributed but are monitored, primarily for surveillance and
security purposes. CCTV relies on strategic placement of cameras, and observation
of the camera's input on monitors somewhere. Any kind of security is very important
to ensure the safety of people. Hospitals, being public and mostly a crowded place,
securing it from various theft and crime becomes essential. Having security
cameras installed at various corners of the hospital will help you know if there is
anyone involved in unwanted activities. Also, it gives you the video footage of what
is happening in the hospital. Also, hospitals cannot be careless about data backup.
Their data is crucial for providing dependable care for patients. Imagine a healthcare
facility suddenly without power, or with damaged or missing information. Backup
 data must be stored off premises, this way it won't be lost if damage occurs to
computer equipment.

2. What can you say about the Data Privacy Act of 2012 and its Implementing Rules
and Regulations? Do you have any comments and recommendations on how to
further improve this act and make it more effective and useful to the Filipinos.

The Data Privacy Act of 20212 must have revisions in all security incidents and
personal data breaches and it shall be documented through written reports,
including those not covered by the notification requirements. In the case of personal
data breaches, a report shall include the facts surrounding an incident, the effects
of such incident, and the remedial actions taken by the personal information
controller. In other security incidents not involving personal data, a report containing
aggregated data shall constitute sufficient documentation. Breachers must also be
penalized since tampering data could cause consequences.