The Government of India has been extensively working on the National Digital Health Mission (hereinafter “the NDHM”). The Ministry of Health and Family Welfare’s (hereinafter “the MoHFW”) National Health Authority (hereinafter “the NHA”), which is a successor of the National Health Agency, is the implementing agency of the National Digital Health Mission. The National Health Authority has been constituted under a Gazette notification registered no. DL— (N) 04/0007/2003-18.
The NHA recently released the draft National Digital Health Data Management Policy for stakeholder consultation in August, 2020. Prior to the announcement of National Digital Health Data Management Policy, the Prime Minister, on August 15th, had announced the launch of National Digital Health Mission (hereinafter “the NDHM”). The Prime Minister on August 15th , 2020 had said that “every Indian will be given a health ID”. The pilot project of NDHM was launched in six Union territories at the same time.
The push towards digital health data management in last two years and its emphasis on Aadhaar is worrisome. The draft Digital Health Data Management Policy has raised multiple concerns surrounding the use of health records of citizens (read our comments on the draft Policy here). While the policy on the Digital Health Data Management is still under deliberation, the Ministry of Health and Family Welfare has already started creating the digital health IDs on pilot basis in six union territories. In this post, we have chalked down the timeline of developments in the National Digital Health Mission alongside a brief description.
-
The Clinical Establishments (Central Government) Rules
The Clinical Establishments (Central Government) Rules, 2012 were notified in 2012 and have been notified under the Section 52 of the Clinical Establishments (Registration and Regulation) Act, 2010. The rules require all the clinical establishments to maintain and provide electronic medical records or electronic health records of all the patient. However, it does not offer any safeguards in case of breach of electronic health records. The Rules also do not lay down security standards to be followed while maintaining medical health records.
Source -
The National Health Policy
The National Health Policy, 2017 was released by the Ministry of Health & Family Welfare. The Policy proposed setting up of a National Digital Health Authority (NDHA) with the goal “to regulate, develop and deploy digital health across the continuum of care” given the “integral role of technology (e-Health, m-Health, Cloud, Internet of Things, Wearable etc.) in the healthcare delivery.” The Policy suggested use of Aadhaar for identified, and creation of registries for public health, and use of smartphones, tablets etc.
The Policy also stated that by 2020, Government will ensure a database on health system components at district level and will establish registries of diseases.
Source -
The Draft Digital Information Security in Healthcare Act
Subsequently, a draft Digital Information Security in Healthcare Act, 2018 was released by Ministry of Health & Family Welfare for public consultation. The purpose of the draft Act was to “provide for electronic health data privacy, confidentiality, security and standardization and provide for establishment of National Digital Health Authority and Health Information Exchanges and such other matters related and incidental thereto.” The draft Act had provisions on National Electronic Health Authority, State Electronic Health Authorities, Health Information Exchanges, data ownership, security and standardization, digital health data breach and consequences etc. The draft Act, however, never saw light of the day and was not tabled in the Parliament.
Instead, the Sri Krishna Committee had submitted its recommendations on Free and Fair Digital Economy: Protecting Privacy, Empowering Indians. Since then, the Ministry of Electronics and Information Technology held a consultation on the draft Personal Data Protection Bill, 2018, and later on the draft Personal Data Protection Bill, 2019. The 2019 Bill was tabled in the Lok Sabha in winter session of 2019 and was subsequently referred to a Joint Parliamentary Committee chaired by Lok Sabha MP Ms. Meenakshi Lekhi. The Bill is undergoing the scrutiny of the Joint Parliamentary Committee.
Source -
The National Health Stack
The NITI Aayog had released a strategy document titled “National Health Stack: Strategy and Approach” (hereinafter “the NHS or the National Health Stack”) for consultation in 2018. The NHS is essentially a “digital infrastructure” required in “implementing digital health initiatives” . The primary objective of the NHS is to facilitate collection of healthcare data. The key components of the National Health Stack are national health electronic registries, a coverage and claims platform, a federated personal health records framework, a national health analytics platform and other horizontal components.
It provided the foundational components required for the Ayushman Bharat scheme and other health programs in India.
Source
The National Digital Health Blueprint
The Ministry of Health & Family Welfare had released the report on National Digital Health Blueprint (NDHB) in 2019 for public consultation (read our comments on the National Digital Health Blueprint here). The objective of the Report included establishing core digital health data infrastructure for seamless exchange, creating a system of electronic health records, and promoting health data analytics and medical research.
The MoHFW released the final report on National Digital Health Blueprint in January, 2020.
SourceThe National Digital Health Mission,
On August 15th, 2020, Prime Minister Narendra Modi announced the National Digital Health Mission which seeks to “provide the necessary support for integration of digital health infrastructure in the country”. NDHM seeks to create “a national digital health ecosystem that supports universal health coverage in an efficient, accessible, inclusive, affordable, timely manner through the provision of a wide range of data, information and infrastructure services, duly leveraging open, interoperable, standards-based digital systems, and ensures the security, confidentiality and privacy of health-related personal information”.
The NDHM has been launched on pilot basis in six union territories including— Chandigarh, Ladakh, Dadra & Nagar Haveli and Daman & Diu, Puducherry, Andaman & Nicobar islands, and Lakshadweep. The creation of Health IDs in these UTs have already started. Health IDs of approximately 55,700 citizens have been created.
In our comments on the draft Digital Health Data Management Policy, 2020, we had expressed reservations on the possibility of voluntary-mandatory nature of the health ID. We have already seen such example in Chandigarh where Post Graduate Institute of Medical Education and Research had issued a circular asking all doctors, other staff and their family members to mandatorily get a digital ID. Eventually, the circular was withdrawn stating that term “mandatory” was included in it erroneously.
We had also recommended that the pilot project of issuing health IDs to residents of six Union territories must be scrapped unless there is a specific legislation governing data collection and the finalization of the Policy.
SourceThe draft Digital Health Data Management Policy
In pursuance to the National Digital Health Mission, the MoHFW had released the draft Health Data Management Policy for stakeholder consultation on August 20th. The draft Policy elaborated upon rights of data principals, data fiduciaries, voluntary nature of the health ID etc. However, a policy is no substitute for law. The draft Policy is silent on data collected and used, murky role of consent managers etc. You can read our comments on the Policy here.
The MoHFW released the final report on National Digital Health Blueprint in January, 2020.
Source