Digital health refers to integrating information technology into healthcare services and encompasses an array of components. There has been an increase in terms of innovation and investment to increase accessibility and make the model more patient-centric and suitable to the needs of patients. The World Health Organisation has defined digital health to mean “a broad umbrella term encompassing eHealth, as well as emerging areas, such as the use of advanced computing sciences in ‘big data’, genomics and artificial intelligence.”
For decades, the issues of access, affordability and quality have plagued healthcare in India. India ranked an abysmal 145 out of 195 countries on the Global Healthcare and Quality Access in 2016. The system suffers from the paucity of budgetary and human resources as well as sub-par infrastructure. The Covid-19 pandemic has exposed the fault lines in Indian healthcare, enormously straining existing resources. With technology making paradigm shifts to our lives during the pandemic, the ongoing health crisis brings an opportunity to improve the health landscape with digital health initiatives which are touted to be game changers in the sector. Recognising this potential, the National Digital Health Mission (NDHM) 2020 aims to create an “open digital health ecosystem”.
The NDHM aims at creating a robust public digital infrastructure that can be leveraged by all entities, public and private, to transform how healthcare is delivered in India. Its implementation is expected to improve the overall efficiency, effectiveness and transparency in Indian healthcare. It is also likely to bridge information asymmetries by providing access to more accurate information on health services providers and facilities. Moreover, access to health services remotely would improve given the mainstreaming of telemedicine/tele-consultations and e-pharmacies. A report by the BCG and FICCI also note that over the next 10 years, if implemented correctly, the NDHM can unlock incremental economic value of over USD 200 billion for the health sector. The integrated ecosystem will also enable a better continuum of care. It possesses the potential to accelerate India’s journey towards universal healthcare and open multiple economic opportunities for all stakeholders.
An integrated healthcare system facilitated by an e-health approach could be the key to fulfilling India’s vision of universal health care. This will require a radical shift from the present siloed healthcare delivery model to more collaborative and integrated approaches between and within the public and private sectors among different service providers-insurance, primary care, pharmaceuticals, and hospitals. This will encourage the seamless delivery of personalised solutions, ultimately making healthcare more patient-centric in India. Such an approach threatens existing business models and can foster innovations to cater inclusively to all sections of the society. For instance, telemedicine can be a cost-effective mechanism to deliver medical services particularly by connecting patients, doctors, nurses and midwives.
While this may sound like the silver bullet for India’s healthcare access and affordability issues in theory, the ground realities may be quite different. There are some pressing issues that must be tackled to prevent the digital health promise to fade away amid the digitalisation frenzy. India’s digital divide perpetuated by the inequalities in socioeconomic status, geography and gender are well known to all. Feminism In India (FII) recently highlighted the digital gender divide: women are 50% less likely to use mobile internet in comparison to men and nearly 63% of Indian women own mobile phones but only 21% of them use the devices. Low digital penetration among India’s female population can be explained by social and patriarchal norms, higher burden of online harassment on women and barriers to digital literacy.
India already faces the herculean task of adequately responding to the ever-increasing healthcare needs of the most disadvantaged strata of the society. An attempt to further digitalise healthcare services without a strong digital inclusion strategy will further deepen the inequalities in the Indian economy.
Above all, the mammoth challenge of privacy concerns looms over India’s digital health landscape. Currently, the digital health framework in India seems to be plagued by the lack of an adequate law that ensures the existence of a compliance mechanism and adequate sanctions. Linking everything to one unsecure source makes it susceptible to hacking and data breaches/leaks, something that has happened before. It would be wrong to test out the country’s infrastructure capabilities while private and personal sensitive data of billions of Indians is being handled. The framework must also ensure data minimization.
Recently, the government announced that they would be creating Unique Health Identifiers (UHID) based on Aadhaar authentication. Aadhaar is also being used during the vaccine rollout in India to help formulate a digital record of the number of people vaccinated and other supplementary information with the ultimate objective of potentially creating UHIDs for citizens who provide their Aadhaar information, ultimately creating a digital health record that now forms a part of government records. The provision of their details is not mandatory, however, and has multiple legal implications. The usage of Aadhaar, as reiterated by the Supreme Court of India, must be on limited grounds and to ensure that the beneficiaries under a scheme have access to and can gain the benefits envisioned.
In the absence of a data protection law, the standards for data protection are set by other ancillary pieces of legislation including The Information Technology Act, The Aadhaar Act, 2016 and other accompanying rules including the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Rules, 2020, etc. The creation of the National Digital Health Ecosystem in the absence of strong data protection standards leaves extremely personal sensitive data open to potential misuse and exploitation. the policies and framework could be considered premature in the absence of legal backing or the requisite vetting process under law.
The primary goal of digital health is to ensure that the process is patient-friendly and accommodative. Yet, the NDHM and the Draft Health Data Management Policy fails to elaborate in clear terms who the true owner of health data would be and only stipulates that such data will not be shared without the consent of the data principals but fails to assign ownership to them entirely. Outside this framework, the Government would have limited to almost no access to the health data of individual patients but through this framework the government will have access to billions of health records without having to find recourse through the judicial system.
The fear of misuse and lack of adequate infrastructure is not something imaginary or illusory. Data security is one of the biggest concerns of creating a digital health system. A breach in health data will have severe consequences as any tampering will result in faulty treatment and improper diagnosis. The current infrastructural setup in India sheds light on the possibility that India might not be ready to take on the herculean task of setting up a single Health ID system and ensuring that no data breach or any other irreversible harm occurs.
It was reported that information of people who had tested positive for Covid-19 was found online due to a data leak that affected government hospitals and the Indian Council of Medical Research. In 2019, the World Economic Forum’s Global Risk Report noted that the multiple Aadhaar breaches of 2018 in which the data of over 1.1 billion citizens was potentially compromised was one of the worst breaches of the year. Health data is exceptionally valuable and can be misused and sold for millions on the dark web where such sensitive information can be used to take out a loan, purchase medical equipment or illegal drugs or to commit similar crimes.
Any digital health system’s success would greatly depend on the level of trust and confidence it has with the public. The framework envisions the creation of a single access point. Linking everything to one unsecure source makes it susceptible to hacking and data breaches, something that has happened before. It would be wrong to test out the country’s infrastructure capabilities while private and personal sensitive data of billions of Indians is being handled. Experts from across the board have argued that the adoption of such an invasive system comes at a very nascent stage in India’s efforts. What is required is a more refined and an intersectional approach that addresses concerns of accessibility, affordability, privacy and cybersecurity in a more concrete and methodical way.
(Niharika is a member of the Rethinking Economics India Network. She is associated with the Monitoring, Evaluation, Learning Practice of IPE Global Limited. She is keenly interested in policy issues, particularly health, nutrition and financial inclusion. She can be contacted at email@example.com
Lian is a fourth year law student at School of Law, Christ. Her areas of interest include data privacy and content moderation. She can be contacted at firstname.lastname@example.org)