Print Friendly, PDF & Email

RSTV: THE BIG PICTURE- HEALTH DATA MANAGEMENT POLICY

RSTV


Introduction:

The health Ministry approved a policy under the National Digital Health Mission (NDHM) to protect and manage personal data of patients using the digital services of the scheme. The policy that was approved by Union Health Minister Harsh Vardhan acts as a guidance document across the National Digital Health Ecosystem (NDHE). The government said that this policy is to be read along with, and not in contradiction to, any applicable law, or any instrument having the effect of any law together with the Blueprint, the information security policy, the data retention and archival policy and any other policy which may be issued for the implementation of the NDHM. Data collected across the National Digital Health Ecosystem (NDHE) will be stored in at the central level, the state or Union Territory level and at the health facility level, by adopting the principle of minimality at each point.

Objectives of this Policy: 

  • To provide adequate guidance and to set out a framework for the secure processing of personal and sensitive personal data of individuals who are a part of the NDHE in compliance with all applicable laws
  • To safeguard digital personal data within the ambit of the NDHE, including the Personal Health Identifier, the electronic health records and electronic medical records, by implementing adequate technical and organisational measures across the NDHE
  • To create a system of digital health records which is easily accessible to individuals and health service providers and is purely voluntary in nature, based on the consent of individuals, and in compliance with international standards and/or other relevant standards related to data interoperability and data sharing as may be notified for the implementation of NDHM from time to time
  • To increase awareness of the importance of data privacy and instill a privacy-oriented mindset among the members of NDHM and its ecosystem partners
  • To ensure portability in the provision of health services
  • To establish appropriate institutional mechanisms for auditing of the NDHE as needed and to encourage stakeholders and ecosystem partners to adopt the data protection principles set out in this Policy.
  • To leverage the information systems existing in the Indian health sector by encouraging conformity with the defined data privacy standards and integrating such existing systems with NDHE.

The policy acts as a guidance document across the National Digital Health Ecosystem (NDHE) and sets out the minimum standard for data privacy protection that should be followed across the board to ensure compliance with relevant and applicable laws, rules and regulations.

Participation of an individual in the NDHE will be on a voluntary basis. Those who wish to participate will be issued a unique health ID after verification through a valid government document, including the Aadhaar card.

However, use of Aadhaar card for verification will also be voluntary, and failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service under the policy.

The National Digital Health Blueprint, 2019, recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the NDHE.

Government will now work on the guidelines for the implementation of the policy that is likely to be updated from time to time to make it more relevant in the current times.

Need And Highlights:

  • The Ministry of Health and Family Welfare is responsible for conceiving the idea of the National Digital Health Mission (“NDHM”).
  • This visionary project of the Government of India, stemming from the National Health Policy, 2017 (“National Health Policy”) intends to digitise the entire healthcare ecosystem of India.
  • This would be done by creating digital health records, and creating and maintaining registries for healthcare professionals and health facilities in order to ensure a smooth interoperable framework for the multiple partners associated with healthcare delivery to individuals in India.
  • The National Digital Health Blueprint, 2019 recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the National Digital Health Ecosystem.
  • This Health Data Management Policy is the first step in realising the NDHM’s guiding principle of “Security and Privacy by Design” for the protection of individuals’/data principal’s personal digital health data privacy.
  • It acts as a guidance document across the NDHE and sets out the minimum standard for data privacy protection that should be followed across the board in order to ensure compliance with relevant and applicable laws, rules and regulations.
  • This Policy will be dynamic in nature and may be revised from time to time as may be required. Necessary guidelines may also be issued for the implementation of the NDHM.
  • The NDHE is based on the principle of federated architecture, which allows interoperability between independent and decentralized information systems, while enhancing the security and privacy of personal data of individuals.
  • Such interoperability shall be strictly compliant with the provisions relating to consent, and protection of personal data as set out under this Policy. This would be essential to build a trust quotient across the NDHE as well as to ensure that the personal data relating to the health of all individuals in India is adequately protected.
  • In addition, participation of an individual in the NDHE will be on a voluntary basis and where an individual chooses to participate, he/she will be issued a Health ID (as defined in this Policy) by the NDHM.
  • Where an individual wishes to avail of any health services, the Health ID of the individual may be verified by the use of Aadhaar or any other method of identification as may be specified by the NDHM.
  • The voluntary use of Aadhaar in this Policy is envisaged as per the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Rules, 2020. The failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service.

The policy acts as a guidance document across the National Digital Health Ecosystem (NDHE) and sets out the minimum standard for data privacy protection that should be followed across the board to ensure compliance with relevant and applicable laws, rules and regulations.

Participation of an individual in the NDHE will be on a voluntary basis. Those who wish to participate will be issued a unique health ID after verification through a valid government document, including the Aadhaar card.

However, use of Aadhaar card for verification will also be voluntary, and failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service under the policy.

The National Digital Health Blueprint, 2019, recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the NDHE.

Government will now work on the guidelines for the implementation of the policy that is likely to be updated from time to time to make it more relevant in the current times.

The policy acts as a guidance document across the National Digital Health Ecosystem (NDHE) and sets out the minimum standard for data privacy protection that should be followed across the board to ensure compliance with relevant and applicable laws, rules and regulations.

Participation of an individual in the NDHE will be on a voluntary basis. Those who wish to participate will be issued a unique health ID after verification through a valid government document, including the Aadhaar card.

However, use of Aadhaar card for verification will also be voluntary, and failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service under the policy.

The National Digital Health Blueprint, 2019, recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the NDHE.

Government will now work on the guidelines for the implementation of the policy that is likely to be updated from time to time to make it more relevant in the current times.

The policy acts as a guidance document across the National Digital Health Ecosystem (NDHE) and sets out the minimum standard for data privacy protection that should be followed across the board to ensure compliance with relevant and applicable laws, rules and regulations.

Participation of an individual in the NDHE will be on a voluntary basis. Those who wish to participate will be issued a unique health ID after verification through a valid government document, including the Aadhaar card.

However, use of Aadhaar card for verification will also be voluntary, and failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service under the policy.

The National Digital Health Blueprint, 2019, recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the NDHE.

Government will now work on the guidelines for the implementation of the policy that is likely to be updated from time to time to make it more relevant in the current times.

The policy acts as a guidance document across the National Digital Health Ecosystem (NDHE) and sets out the minimum standard for data privacy protection that should be followed across the board to ensure compliance with relevant and applicable laws, rules and regulations.

Participation of an individual in the NDHE will be on a voluntary basis. Those who wish to participate will be issued a unique health ID after verification through a valid government document, including the Aadhaar card.

However, use of Aadhaar card for verification will also be voluntary, and failure or refusal to make use of Aadhaar would not result in the denial of access to any health facility or service under the policy.

The National Digital Health Blueprint, 2019, recommends that a federated architecture be adopted, instead of a centralised architecture, for the management of digital health data to ensure interoperability, technological flexibility and independence across the NDHE.

Government will now work on the guidelines for the implementation of the policy that is likely to be updated from time to time to make it more relevant in the current times.