By Rohin Garg & Gyan Tripathi
Scenario 1: You fall sick, and you go to a local health dispensary. You get your tests done, get your prescription on a piece of paper, and purchase the medicines. The test reports, prescriptions, and other medication are neatly stacked in a file and handed over to you with the advice to bring it to your next appointment.

Scenario 2: You fall sick, and you go to a nearby super-speciality hospital chain. On your arrival, you are allotted a Unique Health ID (UHID) on which all of your personally identifiable information (PII) is stored. You are advised to cite the UHID on your arrival at the hospital or any other branch of theirs.

Even today, India’s healthcare regime suffers from a fragmented record management system. Sometimes it is stored in its original form—on prescription papers, physical files and stacked folders; other times, it is fed into digital databases and stored in data warehouses. These fragmented approaches fail to achieve long-term health benefits and therefore affect patients’ rights.
The envisaged National Digital Health Mission (NDHM) under the Ayushman Bharat Digital Mission aims to create a digital health ecosystem by leveraging open, interoperable, standards-based digital systems to provide data, information and infrastructure services in an efficient, accessible, inclusive, affordable, timely and safe manner.

To overcome the well-documented challenges with India’s healthcare system, the National Health Authority of India released the draft Health Data Management Policy in 2020.
Subsequently, the Government of India notified the Unique Health Identifier Rules, 2021, and invited comments on the design and functionality of the Unified Health Interface and on the draft Health Data Retention Policy in 2021. All of these Rules and Policies are envisaged to form the foundational layer of the NDHM and expand interoperability of health services. The NDHM ecosystem is predicated upon the principle of a ‘federated’ data storage and management architecture, i.e., health data collected from Health Information Providers and stored with Health Data Registries would be interoperable, independent and on decentralised information systems.
In simple words, each interaction of a patient with any healthcare facility would be ‘data-fied’ and stored across different institutions and data systems.

A stark difference between the two scenarios mentioned in the beginning, apart from the forms of data collected, is the number of actors the data is shared with: while previously the data collected was confidential between the patient and their doctor, now that data is a shared commodity between several actors whose primary motivation might not be patient welfare.
The UID so generated in the process of receiving healthcare is managed by a Health Data Fiduciary (usually the visiting hospital) via a Consent Manager, and shared between Health Data Registries, Health Information Users and other Health Information Providers. Therefore, as experts and feminist scholars say, with increased digitisation of data comes increased dehumanisation of data. When health data is disembodied from a patient and stored in a database, ready to be gleaned by data aggregators to furnish its ‘value’ in a data economy, people lose control over it.
Healthcare is characterised by informational inequality, i.e. the information possessed by a doctor as to the possibilities and consequences of treatment is much greater than that of the patient, and there is implicit trust in the relationship. Therefore, theoretically at least, the Health Data Management Policy consent framework empowers users to exercise “control and decision-making power over the manner in which personal data associated with them is collected and processed further”. However, once disembodied, the control over data is never binary. Dissociation of data from the body also decontextualises the collected data and therefore opens it up to possibilities of human exploitation and manipulation.
While it is true that the data collected at the HIP stage is largely unchanged, feeding structured data into a federated system in the absence of any robust data protection regime might prove to be a disastrous step for patients’ rights. Instead of being used for better-informing policies and patient welfare, this data may, in turn, be used by private actors to serve business interests over the patient’s best interests.
The current Health Data Retention Policy is also not clear on the retention timelines of health data. Further, prescribing a blanket retention duration for all health data types would be sub-optimal. For instance, for some categories of sensitive personal data, such as those relating to abortion or suicidal cases, patients or their data custodians might want to erase them sooner rather than later. Similarly, for health records such as those pertaining to genetic or ontology-based personalisation of healthcare, patients may want to keep certain health records in a digitalised form.
A long blanket retention period may also be inimical to the rights of patients, as Health Information Users may be able to exploit these long timelines and further their own commercial interests. Additionally, it is regrettable to note that the Policy is only prospective and does not cover the health data captured earlier.

Any unfortunate but not unlikely event of misuse of personal data would most certainly result in identity theft: any malicious actor, having gained access to the medical records of an individual, can without effort masquerade as that individual and obtain a fraudulent medical settlement from any insurer. There could also be weaponisation of sensitive data: medical records are classified as sensitive personal data under DPA, 2021 and, even historically, people tend to exercise strict control over their medical history.
Therefore, in the event of a breach, such information can be weaponised against individuals or groups of individuals to threaten, influence or exploit them.

Although the envisaged aim of the draft Policy is to ensure an efficient healthcare system by encouraging interoperability of patient records and retention of records to ensure better healthcare, safeguarding patients’ rights, and not only industry needs, should be a prerequisite for implementing a robust digital health records system.
Garg is policy counsel (regulation and social welfare) and Tripathi is policy intern, Internet Freedom Foundation