Screws on Health Sector Data Poachers being tightened; Digital Information Security in Healthcare, Act( DISHA) on cards
Cognizant of fact that the data breach incidents have deluged various sectors, including highly personal and sensitive data on individual’ s health profile, the Union government is all set to create a new narrative in the health sector by unveiling its plan for digital health security act.
The draft act has been placed in open for stakeholders’ take on that. The proposed legislation is harsh on prowling data poachers with stringent punishment that entails five years imprisonment and a fine of Rs. five lakhs.
The purpose of the Act is to provide for electronic health data privacy, confidentiality, security and standardization and provide for establishment of National Digital Health Authority and health information exchanges and such other matters.
Digital Information Security in Healthcare Act will be an Act to provide for establishment of National and State eHealth Authorities and Health
Information Exchanges; to standardize and regulate the processes related to collection, storing, transmission and use of digital health data; and to ensure reliability, data privacy, confidentiality and security of digital health data and such other matters related and incidental thereto. This Act may be called Digital Information Security in Healthcare Act( DISHA) and it extends to whole of India except the State of Jammu and Kashmir.
The Act shall come into force on such date as the Central Government may, by notification, appoint; and different dates may be appointed for different States and for different provisions of this Act.
The draft Digital Information in Healthcare Security Act( DISHA) makes it clear that any health data including physiological, physical & medical records, sexual orientation, history and biometric information are the property of the person who it pertains to.
The Act also talks about a health information exchange, a National eHealth Authority and a State Electronic Health Authority. These three authorities shall be duty-bound to protect the privacy, security and confidentiality of the owner’ s digital health data.
It says the owners have the right to privacy, security and confidentiality of their digital health data. The owners have the right to give or refuse consent for generation and collection of such data.
Under the proposed Act, the National
The Ministry of Health and Family welfare plans to set up a nodal body in the form of " National Digital Health Authority " through an Act of Parliament as a statutory body for promotion / adoption of e-Health standards, to enforce privacy & security measures for electronic health data, and to regulate storage & exchange of Electronic Health Records.
PERSONA THEME TRENDS WELL-BEING ISSUES RESEARCH NEWSCOPE
Volume 3 | Issue 3 | July-September 2018 63