National Health Authority (NHA) he has released the draft Health Data Management Policy of the National Digital Health Mission (NDHM) in the public domain. The draft is the maiden step in realising the NDHM’s guiding principle of ‘Security and Privacy by Design’ for the protection of individuals’ data privacy. It encompasses various aspects pertaining to health data such as data privacy, consent management, data sharing and protection.
Draft Health Data Management Policy
The key objectives of this Policy are:
- to provide adequate guidance and to set out a framework for the secure processing of personal and sensitive personal data of individuals who are a part of the NDHE in compliance with all applicable laws
- to safeguard digital personal health data, including the personal health identifier, the electronic health records and electronic medical records, by implementing adequate technical and organisational measures across the NDHE ecosystem
- to create a system of digital personal and medical health records which is easily accessible to individuals and health service providers and is purely voluntary in nature, based on the consent of individuals, and in compliance with international standards and other relevant standards related to data interoperability and data sharing as may be notified for the implementation of NDHM from time to time
- to increase awareness of the importance of data privacy and instil a privacy-oriented mindset among the members of NDHM and its ecosystem partners
- to ensure national portability in the provision of health services
- to establish appropriate institutional mechanisms for auditing of the NDHE as needed and to encourage stakeholders and ecosystem partners to adopt the data protection principles set out in this Policy
- to leverage the information systems existing in the Indian health sector by encouraging conformity with the defined data privacy standards and integrating such existing systems with NDHE.