The Central government has made confident strides in the recent past towards digitisation of healthcare systems. Patient monitoring, online registration, acquiring patient feedback, beneficiary identification, transaction management, funds flow, claims payment, etc, are increasingly done using digital systems.

To speed up this digital transformation, the NITI Aayog had announced the launch of the National Health Stack earlier this year. It was envisioned to facilitate the collection of comprehensive healthcare data across the country, and to converge national health electronic registries, a coverage and claims platform, a federated personal health records framework, a national health analytics platform, etc, to form a unique digital health ID.

But in times of data privacy concerns, steps need to also be taken to protect patient identity and data, during this complete digital transformation of the nation’s healthcare system.

The rationale behind a National Health Stack was to tackle glitches that prevented healthcare services from reaching those they were intended for — a problem exacerbated by the absence of robust systems to accurately and speedily identify and prevent health insurance fraud, leading to funds leakage and long claims cycle time. All in all, the overarching deficiency seemed to be the absence of reliable and timely aggregated patient-level data. The result — reduced scope to evaluate the performance of various ecosystem players or measure outcomes to make evidence-based decisions.

A National Health Stack would, as a common public good, eliminate duplication of efforts, enable the rapid roll-out of various health initiatives, achieve convergence and build the momentum to ultimately attain universal health coverage. It would also ensure timely claims repayment to service providers, prevent funds leakage through robust fraud detection systems, enhance policy-making capacity through regular reporting of the impact of healthcare initiatives and reinforce trust and accountability through transparent transaction audit trails.

Privacy, a grey area

Big data in health can support a wide range of healthcare and medical functions. Digital health systems have proven to be effective in developed countries, and for resource-poor countries, they hold great potential for improving accessibility, affordability, and quality of healthcare.

But data privacy in India remains a grey area. India currently lacks any comprehensive data protection regime which can safeguard people against violations of their privacy in this digital age. While the proposed Health Stack boasts complete anonymisation of health data and promises that access to health data would be governed by consent, in the absence of a law in India that controls and regulates transfer of data, there is need to proceed with caution.

The protection and privacy of health data, classified as sensitive personal data by the Personal Data Protection Bill 2018, would be governed by its provisions. The Bill, scheduled to be placed in Parliament during the winter session, is influenced by the European Union’s General Data Protection Regulation. In effect, it would give Indian data subjects extensive data protection rights while imposing restrictions on the collection and processing of sensitive personal data, like the right to confirm, access and correct their data. It would also allow data subjects to reserve the right to have their data forgotten and would also govern data portability. The future of this Bill will unequivocally impact successful implementation of the National Health Stack.

Foreseeable barriers to the successful implementation of the National Health Stack include a lack of trained or qualified staff, funding issues, growing infrastructural requirements, the fear of technology, and resistance to change within the health workforce. This can be addressed through learning programmes that demystify processes, besides capacity building in training health sciences students in medical informatics and telemedicine.

The move towards digitisation should aim, above all, to enhance access to such technologies for the poor and marginalised who stand to gain the most from advances in healthcare and e-health. The greatest challenge, going forward, will be to generate evidence through evaluations that e-health can improve health system performance, facilitate informed decision-making, and enhance patient outcomes.

Such evaluations, if built into the delivery framework of the National Health Stack, will enable timely course correction.

A sound governance mechanism based on accountability, participation, consistency, and transparency is critical to effectively manage such a complex and comprehensive healthcare network.


The author is a Deputy Manager (Research) with Sambodhi Research & Communications. Views expressed are personal