Legal aspect of Digital Health in India

What is digital health?

Digital healthcare programs is the implementation of digital technologies in the healthcare sector in order to make things efficient. These programs use Information and communication technologies to help resolve health problems faced by people under treatment and they include both hardware and software solution, ranging from mobile health apps, artificial intelligence to wearable gadgets.

Laws Covering Digital Services in India-

Information Technology Act, 2000, The IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, (Data protection rules), The Information Technology Rules, 2011 (Intermediary Guidelines). The digital health programs include sharing of data between patients and the service provider. Under Data Protection Laws. Personal information of patients like medical history is considered Confidential Personal Data. Consent is the most important conditions under the Data Protection Regulations which should be received in writing in the act.

Other Service Providers Regulations under the New Telecom Policy1999

Service providers providing Application service that consists of telemedicine services by means of telecom resources provided by telecom service providers must be registered with Telecommunications Department as Other Service Provider.

Telecom Commercial Communication Customer Preference Regulations, 2018

The TCCP Regulations forbid sending of unwanted commercial messages over SMS or voice message. Promotional messages can only be sent to customers who are registered and have an access provider and have opted to receive these messages. There are no legal restrictions over sending transactional messages. Any message sent for OTP/ purchases purposes is identified as transactional messages.

Drugs and Cosmetic Act,1940 and Drugs and Cosmetics Rules, 1945

This directs drug production, distribution, importing and selling. In many countries there is a difference between a medical prescription which should be marked under the control of a licensed pharmacist to obtain a valid prescription and those which general retailers sell over the counter. This Act distinctly states which drugs can be sold as prescription and non-prescription drugs. Prescription drugs are stated in Schedules H, H1 and X of the D&C Rules.

Key Emerging Technologies in Digital Healthcare

  • Telemedicine- Improved Healthcare Apps, Solidifiying cyber security.
  • Wearables
  • Artificial Intelligence
  • 3D Printing in the Clinic.
Legal Issues in Digital Healthcare-

The use of developing technology such as telemedicine, digital health apps will help bring drastic changes for both providers and patients. However, with increased communication, there is more threat to both the protection and privacy of patient information. Many digital health and telemedicine firms are aware of data protection and breaches. Moreover, the careful sharing of protected health information (PHI) with third parties is a more important field of application, whether it is done for data mining, analysis, or marketing purposes.

Data use:

Data Sharing:

Data Use-

Data Security is an important matter regarding use of personal data. The Electronic Health Standards were chosen from the existing and commonly used standards applicable to international electronic health records, with regard to their suitability and applicability in India. Accordingly, the EHR Standards 2016 framework is notified and submitted for implementation in IT systems by healthcare organizations and providers around the world. MoHFW promoted adoption of HER standards by making available free-to-use standards like the Systematized Nomenclature of Medicine Clinical Terminology (SNOMED CT) in India.

Through the implementation of DISHA, the MoHFW aims to build a legislative body, i.e, a national digital health authority to promote and adopt: e-health standards, regulate storage and sharing of electronic health data and implementing privacy and protection guidelines for electronic health data; The MoHFW ‘s National Digital Health Authority (NeHA) is a present authority that intends to be responsible for making an integrated health information system in India.

Data Sharing-

The main concern that comes to sharing of personal data are primarily, but is not limited to confidentiality, data exchange control security and privacy, knowledge,accountabiliy, trust, and responsibility. Digital Information Security in Healthcare Act (DISHA) was created by MoHFW to protect data from the healthcare sector, giving people full control of their health information. DISHA proposes three main objectives such as:

  1. Set up national and state digital health authority
  2. Implementing privacy and security measures for electronic health data;
  3. Regulating the storage and sharing of electronic health records.