The National Health Authority recently released a draft for Health Data Management Policy of the National Digital Health Mission (NDHM) in the public domain for feedback aiming to look at data safety measures as an attempt to digitise the healthcare ecosystem.
This ambitious mission is a move forward in strengthening the Indian health infrastructure lacking patient records and health data. However, it won’t be possible without addressing the concerns on data security and effective implementation.
Announced by Prime Minister Modi during the Independence Day speech, the mission aims to “voluntarily” give every Indian citizen a unique health ID under the National Digital Health Mission which will serve as a digital repository containing all their health data as well as provide a registry of doctors and health facilities.
Currently, the public and private hospitals function with varying technological capacities leading to fragmented and inadequate maintenance of health records.
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
NDHM would consist of six areas, including health ID, DigiDoctor, health facility registry, personal health records, e-pharmacy, and telemedicine.
This transition from paper-based to electronic health records would reduce the challenges such as inconvenience caused by handling or loss of records, duplication of diagnostic and consultation services and delays in treatment leading to increased expenditure in healthcare.
Undoubtedly, the Covid-19 outbreak has been a major driving factor for the digital push in Indian healthcare, as happened in the legalisation of telemedicine which was long pending.
Reports suggest that adoption of electronic health records have shown significant benefits in healthcare delivery, preventive care and decreasing treatment costs. However, since health records are sensitive personal data, the lack of a legal framework for data protection is a major roadblock to overcome.
According to Max Healthcare CIO Prashant Singh, there are various security controls which all other stakeholders in the healthcare delivery like health information provider, health information users and others have to consider while connecting their ecosystem with the centralized channel.
“There would be a need to have 24×7 security surveillance ensuring every data byte is highly secure else it would open doors to hackers also in terms of exploiting the vulnerabilities and getting the access to relevant and valuable healthcare data,” he said.
While some private hospitals have adopted electronic health record standards notified by the Indian government, however, interoperability of the patient data from one hospital to another is still not possible.
Prashant further said, when it comes to establishing a federated health exchange system, apart from other ingredients one important element is “interoperability” and that’s where conformance to EMR standards come into play. The current adoption of the standard is not very encouraging, and needs to be buckled up for adoption. The challenge would be to consider the unstructured medical record and further adoption of the standards for new records.
The strategy document states, “NDHM will implement a federated health records exchange system that will enable patient data to be held at point of care or at the closest possible location to where it was created. Health records will be accessible and shareable by the patient with appropriate consent and complete control of the records will remain with the patient.”
Narayana Health, Executive Director and Group COO, Viren Shetty is of the opinion that largest Indian software companies generate billions of dollars doing back end integration work for western EHR companies and the Indian healthcare market is too small for them, so they will never jeopardize their client relationships by developing competing software for Indian hospitals.
“If the NHA truly wishes to have Indian hospitals buy made-in-India software, they need to build in flexibility to adapt the software standards for the Indian context. We need to adopt only the most useful parts of foreign standards without becoming colonized by foreign-funded companies who wrote those standards,” he further added.
The main objective of this draft policy is to provide adequate guidance and to set out a framework for the secure processing of personal and sensitive personal data of individuals who are a part of the national digital health ecosystem in compliance with all applicable laws and international standards.
“National Resource Centre for EHR Standards should be strengthened to ensure all the healthcare facilities/professionals use EHR solutions that meet the necessary standards. This helps in interoperability and portability of healthcare data, leading to a better care continuum,” stated NASSCOM Director, Lifesciences & Healthcare, Raghuram Janapareddy.
Aster DM Healthcare, Group CIO, Veneeth Purushotaman believes the focus should be on complete transparency on the data security, partners and ecosystem who will have access to data so that everyone has the necessary comfort to know that their patient data is safe.
The government is now working toward ensuring strong privacy of healthcare data.“We are circulating the policy draft to create more awareness about the importance of data privacy and instil a privacy-orientated mindset among all stakeholders and participants,” NHA Chief Executive Officer Indu Bhushan said.
Calling patient data privacy the most crucial aspect, Dr. Shabeer Ali, Managing Director, Hodo Medical Informatic Solutions said that no unauthorised party should ever be able to access any patient’s data. “Artificial Intelligence Systems need structured data, and digital health records provide just that,” he added.
Source: Economic Times