Arnab Paul

NeHA ( National e Health Authority)

Blog Post created by Arnab Paul on May 2, 2018

Ministry of Health and Family welfare proposes to set up a National e Health Authority (NeHA) responsible for development of integrated Health information System in india.India is mulling over setting up a National eHealth Authority (NeHA) for standardisation, storage and exchange of electronic health records of patients as part of the government’s Digital India programme. The body, to be set up by an Act of Parliament will work on the integration of multiple health IT systems in a way that ensures security, confidentiality and privacy of patient data. I sincerely believe this would completely revolutionize healthcare in India. 


I am trying to figure out what would be the best way for GOI to go about implementing this program.


Here are my thoughts.

The critical issues are streamlining the processes and work flow.

For building a interconnected e-health system across public and unorganized private players within India it is going to be a challenging task. Several measures that can help connect the dots I think is:


Firstly, the Clinical establishment Act 2010, should be adopted and made mandatory for all the healthcare entities. Only a handful of states and UT have actually adopted the act. The reason being so many healthcare institutions are not under the GOI scanner yet, and they need to be regulated to be made a part of the Healthcare ecosystem.

Laboratory testing

Patients have not historically been given direct access to their laboratory reports, (usually Corporate Hospitals do not give the reports they end up storing it in their own system( Silos ). Private Stand alone laboratories do give them the report It is not simply an issue of the democratization of medical information, but a recognition that giving information to patients themselves may support communication among labs, physicians, hospitals, and other physicians.


Also, a patient gets his Laboratory tests done every time he visits a different healthcare entity, sometimes it is redundant and repetitious, inter connectivity would greatly help solve the problem if the healthcare provider could access the patient’s health record that is stored digitally.


Caveat: Now certainly a NABH Hospital cannot accept a non accredited lab report so how would we circumvent this problem, we certainly cannot treat both the Lab reports as reliable or at par, the latter would be viewed with a bit of cynicism and suspicion.


Some Lab report Cholesterol in Mg/dL and some in mmol/L all the Labs ought to follow same standards and Units of measurement, that brings us to the question how are we going to get all the private stand alone labs that have mushroomed in India to adhere to the NABL and NABH standards and if they are not, they will fall off the GOI radar and we will lose out on a lot of data.



Ideally, data exchange and standards should permit data to be shared between all the stakeholders in the healthcare ecosystem like the GOI, clinician, lab, hospital, pharmacy, and patient regardless of application or application vendor

Again, correct me but I have no idea how is GOI going to allow the private players to use SNOMED-CT, In essence it means that all the private doctors, Hospitals, labs ought to have access to SNOMED and to use it all of them have to have basic EHR software in place, and even if they have the EHR, how are they going to talk to each other, this is where the problem of interoperability will come into play.


Most of the healthcare entities have legacy systems or have some in house software that they use, but they need to follow the EHR standards for India, that was published in August 2013.


Privacy Laws

How will sensitive health data be kept confidential and secure in digital data-sharing environments?

India has no dedicated privacy and data protection laws and the same has been interpreted by Indian Supreme Court in

Article 21 of the Indian Constitution.


The government plans to set up a Data Protection Authority (DPA) The Privacy Data (protection ) bill 2013 does mention medical History, but we need to revisit it before it is made a law. While stringent safeguards have been provided for sensitive personal data — including medical history, biometric or genetic information, the interception of communication by any means has been prohibited unless authorised by law and on following certain safeguards, the draft bill has proposed.


In USA it is legally protected by the privacy provisions in the Health Insurance Portability and Accountability Act (HIPAA).

But some of the downsides to privacy laws are

  • Genuine problems with the law for mental health patients and caretakers. The potential inability to share information can be life-threatening
  • Clinical trials: We need to see that Privacy Data Protection laws does not create huge obstructions for biomedical researchers, who need access to large numbers of patient records to assess the efficacy and safety of new drugs and other research priorities
  • It has been claimed that more regulation stifles innovation, particularly in the burgeoning field of mobile health, where designers collect and wirelessly transmit patient data are having trouble meeting privacy and security requirements.


So, maybe we should have a more detailed and studied law for Mhealth so that it does not stifle growth and innovation.