Importance of a National e-Health Authority (NeHA) during COVID-19

digital health India

The Ministry of Health and Family Welfare, in the year 2015, published a note on establishing a National e-Health Authority (NeHA) to regulate the emerging usage of electronic mediums in healthcare, especially for maintenance of e-Health records and digital health information across India. The goal of NeHA was to ensure development and promotion of e-Health ecosystem in India for enabling, organizing, managing and providing effective people-centred health services to all in an efficient, cost-effective and transparent manner.

Its envisaged functions –  

1.     Policy and promotion
•    To work out a vision, strategy and adoption of time plans, with timeframes, priorities, and a roadmap in respect of e-Health adoption by all stakeholders, both public and private providers, large-scale hospitals and stand-alone clinics.
•     To formulate policies for e-Health adoption that are best suited to the Indian context and enable accelerated health outcomes in terms of access, affordability, quality and reduction in disease mortality and morbidity.
•     To engage with stakeholders through various means so that e-Health plans are adopted and other policy, regulatory and legal provisions are implemented by both the public and private stakeholders.
•     To provide thought leadership in the areas of e-Health.
•     To effectively promote adoption of e-Health in the country, NeHA would have the mandate to set up an agency to provide oversight, handholding, capacity building, etc. 

2. Standards development, release, and maintenance
•     NeHA will oversee and actively work with all relevant stakeholders including SDOs for formulation and adoption of health informatics standards.
•     NeHA will act as a focal agency for participation or engagement with global SDOs in e-Health such as IHTSDO. It will undertake all activities leading to adoption and release of suitable standards and Indian profiles

3. Legal aspects including regulation
•     NeHA will act as an enforcement agency with suitable mandate and powers.
•     NeHA will be responsible for enforcement of standards and ensuring security, confidentiality, and privacy of patient’s health information and records.

 4. Setting up Electronic Health Exchanges for interoperability
•    NeHA will prepare technical and policy documents relating to architecture, standards, policies, and guidelines for e-Health record repositories and HIEs.
•    NeHA may also initiate Proof of Concept (PoCs), in close consultation with governments – central and states, industry, implementers and users.
•    NeHA would lay down operational guidelines and protocols, policies for sharing and exchange of data, audit guidelines and the like; these shall be guided by experience in operation and the use of PoC, global best practices and consultations with stakeholders (MoHFW, state governments and other public and private providers, academia, R&D labs, and others).

5. Capacity-Building
•   NeHA would co-work with academic institutions to spread awareness on Health Informatics and e-Health to health care delivery professionals. NeHA would provide inputs in terms of areas of need/requirement of different courses according to the background of the learners, to academic institutions.

6. Certification framework
•  NeHA will collaborate and work with STQC, Department of Electronics and IT (DeitY) in creating a certification model for certification of HER products where STQC is envisaged to function as the certification body.

7. Other functions
•   Incidental to the discharge of its functions or as assigned to NeHA by the government or Parliament or as the situation warrants.

Acting on its vision for NeHA, the Ministry had introduced a draft bill for Digital Information Security in Healthcare Act (DISHA).

The DISHA healthcare law will give complete control of digital health data to the owner of that data. The owner of digital health data will have the right to:

•    allow or refuse the clinical entities to generate and collect his/her data;
•    refuse, allow, or withdraw his/her consent for storing and sharing of data;
•    refuse entities from accessing or exposing his/her data;
•    choose what should be collected and what not, based on the purpose of data;
•    know where the data is being transmitted and to whom;
•    access his/her data;
•    get his/her health information rectified by the related entity if there is any inaccuracy or incomplete data;
•    get notification by the related entity whenever a clinical establishment accesses the data;
•    if there is any health emergency, the data will be shared with family members;
•    get compensation if any damage is caused because of a data breach.

Ministry of Health and Family Welfare forwarded the draft legislation to Ministry of Electronics and Information Technology (MeitY) seeking their inputs and guidance. As of July 2019, MeitY was in process of enacting ‘Data Protection Framework on Digital Information Privacy, Security & Confidentiality Act’, which would be applicable in all domains including health. This Act would provide the framework for the Ministry to utilize the patient data in programmes in a secured manner. 

Covid-19 has demonstrated to us that the health of each member of a society impacts that of the other. And without health, it is not possible to create wealth, as is evident by the current lockdown to fight the pandemic, shows. The coronavirus has provided a new start for digital infrastructure development. Using cloud, big data and Artificial Intelligence applications creates room for industries to develop and build new business models that help citizens understand the severity of the pandemic and ensure preventive measures. Innovations in integrating healthcare and technology like the proposed NeHA will help a large population to access healthcare.