Rs 5 Lakh Fine, 5 Years In Jail Proposed For Hacking Personal Health Records

Personal health records are among the most private pieces of information that citizens would like to protect. Besides your personal physician, you wouldn’t want other strangers accessing it.

Responding to this requirement, the Government of India has drafted a law that proposes tougher privacy and security measures for digital health data.

Similar Story

Trio's 'Uber for Healthcare' Aims to Make Hospital Visits Easier in India

Kerala-based startup ‘Mykare Health’ was founded by Senu Sam, Rahmathulla T M, and Joash Philipose with the aim of building India’s largest affordable healthcare network.

Read more >

In its proposed Digital Information in Healthcare Security Act (DISHA), any breach of digital health data of a citizen could incur a fine of Rs 5 lakh and jail term extending to five years.

“Any person who commits a serious breach of healthcare data shall be punished with imprisonment, which shall extend from three years and up to five years; or fine, which shall not be less than Rs 5 lakh,” the draft law states.

According to the draft law published on the Ministry of Health and Family Welfare’s website, health data includes physical, physiological, mental health condition, sexual orientation, medical records and history, besides biometric data. This information is the sole property of that particular citizen.

The data even extends to information surrounding a donation by a citizen of any body part, bodily substance or details of the particular hospital that he/she has accessed.

“An owner shall have the right to give or refuse consent for the generation and collection of digital health data by clinical establishments and entities,” except if there is a statutory or legal requirement.

More importantly, “insurance companies shall not insist on accessing the digital health data of persons who seek to purchase health insurance policies or during the processing of any insurance claim,” unless they receive their (persons) express consent.

With the draft on its website, the ministry has invited comments from the public by April 21. So, if you have any suggestions, please send them across before the prescribed date.

Another significant announcement in the draft law is the establishment of a National Electronic Health Authority (NEHAI), a State-level counterpart and Health Information Exchange.

Also Read: This 17-Year-Old CEO Is Offering Healthcare Solutions for India’s Elderly 

As per the draft, the 10-member NEHAI is expected to offer the necessary data infrastructure for the Centre’s landmark National Health Protection Mission, which is expected to cover 10 crore families.

Similar Story

Nebuliser to Wheelchair, This Initiative Rents Out Pre-Loved Medical Equipment for Free

Bengaluru's Ajayan Namminipurthu started Sanathya Foundation to provide free medical equipment, such as wheelchairs and nebulisers, to people who cannot afford to buy new ones.

Read more >

Those charged with data theft or breach have no option to challenge the punishment meted out to them in court, and adjudicating authorities at the State and Central level set up under this Act will possess the powers of a criminal court. Only the Centre, State government, National Electronic Health Authority of India and its State counterpart can issue a complaint in court.

Also Read: IITians Are Creating Technology to Make the Lives of the Elderly Much Better

Meanwhile, the Health Information Exchange will function under a Chief Health Information Executive will have “access (to)and process the digital healthcare data transmitted by the Clinical Establishments to further transmit the digital healthcare data as prescribed by the National Digital Health Authority of India.” Also, the CHIE is expected to ensure health data protection, and immediately notify the data breach to the owner.

(Edited by Gayatri Mishra)

Like this story? Or have something to share? Write to us: [email protected], or connect with us on Facebook and Twitter.
NEW: Click here to get positive news on WhatsApp!