scorecardresearch
Follow Us:
Saturday, September 26, 2020

Health ID data privacy: Patients to be able to withdraw consent ‘any time’

Those processing the data, including health information providers and health information users, are expected to formulate and implement a “personal data breach management mechanism”.

By: PTI | New Delhi | Updated: August 27, 2020 12:53:32 am
kolkata coronavirus latest updates, indian medical association, kolkata police, kolkata elderly persons living alone, ima doctors for kolkata elderly persons, kolkata covid, kolkata city newsA senior officer of Kolkata Police said, Doctors’ numbers should be available in each jurisdiction for emergency situations. (Representational)

The government Wednesday released a draft of its Health Data Management Policy, detailing how patient information will be collected, processed and managed under the National Digital Health Mission’s (NDHM) digital health IDs. The National Health Authority (NHA), which is implementing the mission, has sought public comments on the draft by September 3.

The policy, which comes in the absence of clear data protection and security laws, draws from existing and proposed legislation to propose a framework that would safeguard patient information.

The Indian Express reported on August 19 that NHA had carved out two policies in an effort to implement NDHM’s “privacy by design” approach to safeguarding patient information. The mission was launched by Prime Minister Narendra Modi on Independence Day during his address from the ramparts of the Red Fort.

The draft states that patients who opt for the health ID will be given “complete control” and decision making power over the manner in which their personal data and any sensitive data associated with them is collected and processed. They will also be allowed to withdraw their consent “at any time”.

Explained

Draws from exisiting proposed legislation

The policy, which comes in the absence of clear data protection and security laws, draws from existing and proposed legislation to propose a framework that would safeguard patient information.

Those processing the data, including health information providers and health information users, are expected to formulate and implement a “personal data breach management mechanism”.

This is to ensure that any instances of violations and non-compliance, including any unauthorised or accidental disclosure, sharing, alteration or use of the personal data, are “promptly” reported to the NHA and other relevant entities.

The NHA, on its part, shall formulate and implement procedures to “identify, track, review and investigate” such incidents and will maintain a record of these instances along with the action taken.

“Without prejudice to the foregoing, in the event of any incident of data breach, the person responsible for such breach shall be liable in accordance with the provisions of applicable law,” states the draft policy.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest India News, download Indian Express App.

0 Comment(s) *
* The moderation of comments is automated and not cleared manually by indianexpress.com.
Advertisement
Advertisement
Advertisement
Advertisement