Areas of e-health, m-health, telemedicine, etc can be undertaken only subject to techno legal compliances. Presently the healthcare industry and healthcare entrepreneurs of India are acting more on the side of violation than compliances. Even the m-health service providers in India are violating Indian laws.
It must be understood well that the legal risks for developer and owners of healthcare websites cannot be ignored. Further, mobile medical devices and handsets and their respective applications must also be in strict conformity with Indian laws. Medical device makers, software providers and medical fraternity of India must also keep in mind the encryption laws of India and cloud computing related compliances of India.
Although we have no law on the lines of United State’s Health Insurance Portability and Accountability Act of 1996 yet there are numerous statutory provisions that must be complied with. These include privacy law compliances, data protection requirements (PDF), cloud computing compliances, encryption related compliances, cyber law due diligence (PDF), etc.
Some background work has already been undertaken by Indian Government in this direction. The Recommendations on Electronic Medical Records Standards in India (PDF) (April 2013) have been issued. Similarly, Electronic Health Record (EHR) Standards for India were also released in August 2013 and approved by the Ministry of Health and Family Welfare, Government of India. However, their implementation is still missing and they are not full fledged legal frameworks. We need to formulate dedicated techno legal frameworks regarding areas like e-health, telemedicine, etc.
Recently the AIIMS Bhubaneswar decided to launch electronic health card. Some other hospitals are already using telemedicine facilities. However, whether they are complying with techno legal requirements is still to be seen. Further, there is no transparency and accountability of such hospitals and clinics in the absence of a regulatory authority and appropriate law in this regard.
Now it has been reported that the Ministry of Health and Family Welfare is mulling to set up a central authority or agency to check compliance of standards in EHR ecosystem after due consultation with various stakeholders across the spectrum. According to health and family welfare secretary, Mr. Lov Verma “Ministry intends to set up a mechanism to monitor and evaluate implementation of and adherence to EHR standards and guidelines by various healthcare practitioners and vendors, thus we need to have an e-health authority which will be the regulator and which will see that EHR standards are being adhered to”. The Health and Family Welfare Ministry is also in the process of standardizing codification for health procedures in India and framing metadata and data standards (MDDS) for health sector, informed the secretary.
“MDDS will facilitate interoperability of e-governance applications by providing a common data information model for various stakeholders in the health system – national and state, public and private, to begin sharing meaningful information with each other in a timely manner.”
He further informed that a detailed project report (DPR) of a mission mode project (MMP) for application of information and communication technology (ICT) in health sector is also being prepared and the same will be submitted very shortly.
Prevalence of paper based record keeping system, inaccessibility of healthcare information to citizens and patients, absence of effective and transparent grievance redressal system, absence of e-referral system, data duplication due to issues in data collection and reporting, shortage of doctors and other healthcare specialists, lack of timely and inaccurate information and analytics tools for decision making together with improper utilization of existing technology in healthcare are certain major challenges being faced in India vis-à-vis health and IT, further highlighted the secretary.