Subject to the consent of the participating individual/patient, their health data will be made available for use by the treating doctor or physician, and more parties such as health insurance companies.

The involved digital infrastructure for storage and accessing this data will be built on the National Health Stack. The stack is a collection of pre-written code (or commonly referred to as APIs) specific to interface with the ABDM system. This will be one platform where those interested (and approved) file for insurance claims, can perform analytics in addition to storing individual health data and hosting the repository of various medical agencies. This health stack will also integrate with payment gateways. Currently, around 14 crore users have enrolled for a health ID with the ABDM and the programme has been piloted for a year in six union territories in India.

Challenges

Although ABDM is visionary and can be the much-needed digital intervention to improve healthcare access in India, it’s implementation and overall objectives need more thought. There are some issues that can be foreseen. These include patient-physician trust, technological challenges, and data protection. Firstly, in instances where remote or specialised consultation is being sought, a new physician or a doctor will need to gain the patient’s trust for obtaining consent of the patient to share their electronic health records.

Secondly, while India may boast of local talent pool from the Indian Institute of Technology and the like, Information Technology (IT) in the public sector can definitely use an overhaul. The public sector IT systems lack faster internet speed, robust websites, and lags in providing a seamless user experience. The ABDM can have millions of users logged in at a given time. Now, imagine sitting with the physician and facing speed or data loading issues during your appointment. Your appointment may not be as useful, and the consultation fee may also be foregone incase the appointment is cancelled. For a country where rates of computer illiteracy are high, interfaces need to be kept simple and should be more user friendly. This is not quite the case for most public sector websites at the moment. There is also the issue of citizens living in rural areas accessing such a facility digitally. These citizens would need to rely on their treating doctor or physician, who is local to them, to register them for the health ID. This treating doctor or physician would also need to be trained in dealing with patients’ personal details and, most importantly, the fact that enrollment into the ABDM Health ID is voluntary, and not mandatory. Explanation on how the system works and the involved intricacies would also need to be communicated to allow citizens, especially in rural areas, to make an informed decision.

For a country where rates of computer illiteracy are high, interfaces need to be kept simple and should be more user friendly.

Third, one of the most important concerns is related to data protection. In the absence of data protection laws, both storage of one’s health data and its use will need to be governed by well laid down rules, even if there is consent by the individual/patient. Currently, there is a Data Empowerment and Protection Architecture (DEPA) drafted by the NITI Aayog in 2020 to govern access of such data by public and private agencies. The DEPA involves the use of ‘consent managers’ that will act as an intermediary between the individual and the agency seeking access to your data. The consent managers will not have access to the data but merely facilitate sharing of the data subject to the individual’s consent. The DEPA draft is more aligned to the financial sector wherein rural individuals or small-medium enterprises need to seek loans or access insurance services. For ABDM, the DEPA entails that if the individual/patient provides consent then their data can be shared to the agency requesting access. Granting of ‘consent’ to a doctor or any other involved agency such as insurance companies should not mean that the data can be used for any other purpose than what the consent was granted for or be stored by them locally. All involved parties would need to comply to protection of such data and put in place measures to adhere to data protection norms. The involved human resource should be sensitised and trained on protecting such data and in maintaining highest level of data privacy.

ABDM claims that the individual is at liberty to deny consent in sharing their data; however, this may lead to some penalisation of the individuals who do not provide consent. For example, an insurance company may incentivise those who consent to share their electronic health data and make processes more rigid for those who do not. Additionally, in some cases, consent may be sought from the organisation and not the individual. This would bypass individual consent for each request and needs another set of data governing rules, which are well-advertised and explained to the individual providing consent.

There is an important concern with the overall objective of the ABDM. The ABDM is being ‘marketed’ as a service provider to redefine how healthcare is accessed by Indians. In the current form, ABDM lays little emphasis on the use of this health data by the public health research community. Electronic health records are most useful to public health research. In the absence of electronic health records, data for public health research studies is usually collected by public health agencies or research institutes as part of an ongoing or new study. This requires time to plan the study, recruit participants, and train field staff before the actual data collection. To facilitate longitudinal analysis, such data collection also needs to be carried out at pre-decided future intervals that could be months or years apart. The limitations to this include high cost and lengthy durations of time. Having access to pre-collected data will address both these limitations. Most importantly, data from the health ID is likely to be more complete as compared to most hospital records in India, which comprise of paper prescriptions or manual register entries.

Objectives of National Digital Health Mission

1. Establishment of Digital Health Systems
   • Core digital health data managed by these systems
   • To manage the Infrastructure requirements for seamless exchange of services.
2. Creation of Registries
   • It will have all credible data of clinical establishments, healthcare professionals, health workers, drugs, and pharmacies
3. Enforcement of adoption of open standards by all national digital health stakeholders
4. Establishment of Standardized personal health records
   • It will take inspiration from international standards
   • Based on an individual’s informed consent, the records can be easily shared between individuals and healthcare professionals, and services providers.
5. Enterprise-class health application systems
   • The aim will be to achieve health-related Sustainable Development Goals (SDGs).
6. Adoption of cooperative federalism while coordinating with states and union territories.
7. Promotion of private players’ participation along with the public health authorities
8. Making healthcare services portable nationally.
9. Promotion of Clinical Decision Support (CDS) Systems by healthcare professionals.
10. Digitally manage:
    • Identifying people, doctors, and health facilities,
    • Facilitating electronic signatures
    • Ensuring non-repudiable contracts
    • Making paperless payments
    • Securely storing digital records, and
    • Contacting people

The National Digital Health Mission is set to be built alongside the existing public digital infrastructure like PM Jan-Dhan Yojana.

Components of National Digital Health Mission

There are four components:

1. National Health Electronic Registries
2. A Federated Personal Health Records (PHR) Framework – It will fight twin challenges of:
   • Access to healthcare reports/data by the patients and the healthcare provider for treatment
   • Making the data available for medical research
3. A National Health Analytics Platform
4. Other Horizontal Components like:
   • Unique Digital Health ID,
   • Health Data Dictionaries
   • Supply Chain Management for Drugs,
   • Payment gateways 

     The ABDM is being ‘marketed’ as a service provider to redefine how healthcare is accessed by Indians.

     The COVID-19 pandemic has made it clear that to obtain evidence-based findings real-world data needs to be available. While there is no doubt that with prior health records, a doctor or physician can flag the severity of COVID-19 for someone who has a history of diabetes or blood pressure, the reverse of this is also true. Using medical history and disease end-point data, unknown risk factors of the disease can also be identified. This would require that electronic health records be made available and supplemented with additional information of the patient such as lifestyle. For western countries, electronic health records are maintained at the hospital level, and they commonly store responses to basic lifestyle questions as part of the patient’s health record.

     Having data on exposure variables is most crucial to public health studies to identify new risk factors of diseases. In the ABDM context, this could mean that if any public health research wants to use ABDM health data then they will also need the identifying information of the individuals to contact them to seek consent to be recruited in the study. They could violate data protection and make ABDM less conducive to public health research because data on exposure variables can be collected only once the individuals are recruited. For a country like India, population-based public health studies are very few as compared to western populations. Non-availability of data is a strong detriment. A system like the health ID under the ABDM must cater to this lacuna and efficiently utilise the currently proposed framework.

     Overall, the ABDM is a step in the right direction. Its aim is to digitise the health sector and improve healthcare access for Indians. Just like any new system, the ADBM is not without its challenges. These challenges detailed above can be addressed but are also subject to will, and availability of time and resources.