PERSONAL DATA: WHAT TO DO WITH IT?
- Posted by: kuatif90
- Category: MBA@KPJ
Do you have any personal data? Of course, every person has their own personal data. What is personal data or what data can be considered as personal data? According to the Cambridge Dictionary, personal data can be defined as information that only relates to a specific person and we do not want for everyone to have access to the data. Meanwhile, according to the Personal Data Protection Commissioner (PDPC) Malaysia, personal data can be defined as any information, whether directly or indirectly, related to the person and from the information stated, it is able to identify the person’s identity.
What is the data that usually referred to ourself? Commonly, the personal data that we use to show as our identity are name, identification number, home address and phone number. However, it is different from one person to another persons’ preference to consider which data is private and which are not.
In a hospital setting, other personal data that are commonly used as a unique identifier for every patient registered with the hospital. It is known as Medical Record Number (MRN). One particular MRN is specified to one Identification Number, hence, one person should only have one MRN in a hospital. MRN can be considered as private data depending on the persons’ preference and situation.
Staff nurses who worked in the hospital have a chance and opportunity to access the personal data of the patient easily. Can the staff nurse expose the MRN of the patient? If the MRN is needed by the healthcare team in the hospital, it should not be an offence to give the MRN to the others. However, is it ethical to give the MRN or any personal data that can be retrieved from the MRN to outsiders without any relevant purpose?
Hence, during registration, the hospital will give the notice and consent form to the patient. The notice will state the type of data collected, who will process the data, to who the data will be disclosed to and who will be allowed to access the personal data. This is aligned with the personal data protection principles under the Personal Data Protection Act 2010.
The personal data should be protected by all hospital staffs, especially the healthcare team who are involved directly with the patients’ treatment and care. It will show the integrity and honesty of the staff as well as displaying a good image of the organization indirectly. We would want to prevent any leak of the personal data or personal finding of the treatment of our patient to an irresponsible party, which will cause more harm towards the organization. We should play our best efforts to ensure the data of the patient are well protected.
In short, personal data is an important data to everybody and the data aggression or disclosure without permission are unethical that should not be done by anyone, regardless of the purpose.
Ku Muhammad Atif Bin Ku Aziz
KPJ Ampang Puteri Specialist Hospital