A fortnight after the prime minister announced the digital health mission the government has put health data rules in public. And, unlike the personal data protection rules which give overarching control to the government, the health data norms are more liberal.
Although almost all countries conducted a hack the crisis challenge in some form or the other in the hope that technology may provide an answer to tackle the pandemic, this near-consensus was missing from coronavirus tracking apps. South Korea, which is experienced in handling virus outbreaks before, was one of the few economies to come up with tracking app to contain the spread, but western countries scoffed at the idea of tracking people.
Pandemic, many believed, could not be the reason to forego privacy.
The privacy versus the pandemic debate has taken a different turn in countries like Taiwan, where the people have been asked to surrender data willingly. Indian model hasn’t been too different either. Although the government launched its contact tracing app, Aarogya Setu, and made it mandatory, the option of data sharing is left to the user.
The government is trying to replicate this approach in its new health policy as well.
A fortnight after the prime minister announced the digital health mission the government has put health data rules in public. And, unlike the personal data protection rules which give overarching control to the government, the health data norms are more liberal. The government will still be the nodal authority to issue health IDs, but the data principal or the user will have a choice to request deletion of all data and opt-out of the service. This freedom is also available to health practitioners and health facility.
However, for the programme to be successful, the government cannot afford people or health facilities to drop out. A better idea would thus be to leverage technology to ensure participation. One of the problematic areas here is trust.
This is also a reason for the slow uptake of Aarogya Setu. While the government did a decent job in creating the app, it could not assure privacy. It cannot afford to repeat this for its health database.
While it is already trying to leverage trust mechanisms—blockchain is being used for land registry—it can modify these systems to be used for healthcare records as well. Not only would this ensure security, but it will also help the government create silos of user information in a decentralised manner. For instance, a user will have the right to provide access to only specific information. Besides, it will also help the government create a dashboard, which will help identify who all have been granted access to user data. It will also help detect data breaches in real-time.
A survey conducted by LocalCircles last week found that 82% of users supported the creation of health ID. Still, only 57% wanted the health ID to have more than basic health information, and only 48% supported anonymisation of data for research. This may already seem like a victory for the government, but confidence is fickle, all it will take is one data breach to change those percentages, and India cannot afford to push digitalisation by another decade.