Let data protection Bill deal with personal health data, says IAMAI

Private players in the health and technology space have responded to the proposed National Digital Health Blueprint (NDHB) and asked for issues pertaining to personal data be held off until the Personal Data Protection (PDP) Bill becomes law.
 
The blueprint, introduced by the Ministry of Health and Family Welfare (MoHFW) in July, suggests provisions for anonymiser, consent manager, health information exchange, and so on, with regard to health records of individuals.
 
“All data collected from individuals come under the permit of the Personal Data Protection Bill, which is under consideration by MeitY (Ministry of Electronics and Information Technology). The proposed Consent Management Framework would have to come under the purview of the Data Protection Authority (DPA) under the PDP Bill and the regulations formulated by the DPA for sensitive personal information like healthcare data,” the Internet and Mobile Association of India (IAMAI) said in response to the blueprint.

 

The PDP Bill has been in the works for over a year now, and is expected to get introduced in the Winter session of Parliament. The blueprint has proposed a National Digital Health Mission (NDHM) on the lines of the Aadhaar database, and setting up ‘digital health’ as public infrastructure. It has proposed to provide the technology platform for collecting core health data from providers and patients, a personal health record repository with consent, and health analytics.
 
“The IAMAI requests that all such provisions be put on hold till the PDP Bill is passed to prevent duplication of efforts and multiple regulatory compliances for digital service providers,” the association has said in its submission.

 
The IAMAI counts technology majors like Google, Facebook, and Apple as members as well as health tech firms such as Netmeds, Practo, 1mg, and mfine.
 
The MoHFW’s health blueprint also lays stress on involving the private sector, including service providers and insurance, and suggests interoperability of health care data. In addition, it has also said personal health records for the industry should be created in accordance with international standards and leveraging information systems already available in the heath sector. The IAMAI has pointed out that international standards may not be easily adaptable to the Indian context and there is a lack of standardisation in the existing digital health information. The NDHB has also proposed “to design, develop and put in place certain core and reusable applications and services, which are commonly used across the country and across the health domain”.

 
The IAMAI has said that instead of designing applications and services themselves, the NDHB could consider existing health systems.
 
“The private tech start-up sector has several developers working on such applications. The proposal for the NDHB to design its own applications is redundant, as long as these existing applications conform to the digital health standards,” it has said in its submission.
 
The association has alternatively suggested that the government encourage private developers to build on the NDHB framework and allow users the option of choosing the most efficient and user-friendly option.