Context

The National Health Authority (NHA) — the body responsible for administering the Ayushman Bharat Digital Mission (ABDM) — has initiated a consultation process on the retention of health data by healthcare providers in India. The consultation paper asks for feedback on what data is to be retained, and for how long.

Issues with the policy for healthcare data retention

• Risk of over-collection: A simple classification system, as suggested in the consultation paper, exposes individuals to harms arising from over-collection and retention of unnecessary data.
• At the same time, this kind of one-size-fits-all system can also lead to the under-retention of data that is genuinely required for research or public policy needs.
• Instead, we should seek to classify data based on its use. 

Do we need a policy for the mandatory retention of health data?

• Currently, service providers can compete on how they handle the data of individuals or health records, in theory, each of us can choose a provider whose data policies we are comfortable with.
• Whether the state should mandate a retention period at all is an open question.
• Given the landscape of healthcare access in India, including through informal providers, many patients may not think about this factor in practice.
• Nonetheless, the decision to take the choice out of the individual’s hands should not be taken lightly.

Balancing the policy for public health data retention with the right to privacy

• Four-part test for privacy: The Supreme Court of India has clarified that privacy is a fundamental right, and any interference into the right must pass a four-part test: legality; legitimate aim; proportionality, and appropriate safeguards.
• Health data and privacy: The mandatory retention of health data is one such form of interference with the right to privacy.
• 1] Legality: In this context, the question of legality becomes a question about the legal standing and authority of the NHA.
• Since the NHA is not a sector-wide regulator, it has no legal basis for formulating guidelines for healthcare providers in general.
• 2]Legitimate aim: The aim of data retention is described in terms of benefits to the individual and the public at large.
• Benefits to the individuals: Individuals benefit through greater convenience and choice, created through portability of health records.
• The broader public benefits through research and innovation, driven by the availability of more and better data to analyse.
• Risk involved: Globally, legal systems consider health data particularly sensitive, and recognise that improper disclosure of this data can expose a person to a range of significant harms. 
• Benefits must be clearly defined: As per Indian law, if an individual’s rights are to be curtailed due to anticipated benefits, such benefits cannot be potential or speculatory: they must be clearly defined and identifiable.
• 3] Proportionality: This is the difference between saying that data on patients with heart conditions will help us better understand cardiac health — a vague explanation — and being able to identify a specific study that will include data from that patient.
• It would further mean demonstrating that the study requires personally identifiable information, rather than just an anonymous record — the latter flowing from the principle of proportionality, which requires choosing the least intrusive option available.
• 4] Safeguard: Standards for anonymisation are still developing.
• We are not yet able to rule out the possibility of anonymised data still being linked back to specific individuals.
• In other words, even anonymisation may not be the least intrusive solution to safeguarding patients’ rights in all scenarios.

Way forward

• Clear and specific case for retention: The test for retaining data should be that a clear and specific case has been identified for such retention, following a rigorous process run by suitable authorities.
• Anonymise data: A second safeguard would be to anonymise data that is being retained for research purposes — again, unless a specific case is made for keeping personally identifiable information.
• If neither of these is true, the data should be deleted.
• Express and informed consent: An alternate basis for retaining data can be the express and informed consent of the individual in question.
• User-based classification process: Health-care service providers — and everyone else — will have to comply with the data protection law, once it is adopted by Parliament.
• The current Bill already requires purpose limitation for collecting, processing, sharing, or retaining data; a use-based classification process would thus bring the ABDM ecosystem actors in compliance with this law as well.

Consider the question “What are the advantages and concerns with the retention of public health data? Suggest the ways to ensure the privacy-centric public health data retention policy.”

Conclusion

A privacy-centric process is needed to determine what data to retain and for how long.

UPSC 2022 countdown has begun! Get your personal guidance plan now! (Click here)

Get an IAS/IPS ranker as your 1: 1 personal mentor for UPSC 2024

Attend Now