For a hitherto under-documented country such as India, the National Digital Health Mission has been widely hailed as a game-changer of sorts, envisioned to completely redraw the health delivery services map of the country. Going a step further than giving a unique health identity to 130 crore people, the Mission envisages the digitisation of the entire health ecosystem, including professionals, healthcare facilities, insurance firms, pharmacies, labs and diagnostic centres. But like any mission of national importance with cyber technology at its core, it is bound to spark questions on the security and privacy of the health data of patients. Given the private nature of healthcare records, the supremacy of data privacy/security must remain non-negotiable.
In a recent case of a breach of health data, in February this year, a German security firm discovered the leakage of over a million medical records and 121 million medical images including X-rays and scans of Indian patients. Apparently, this breach was a configuration issue and a result of poor protocol practices. In another instance, Religare Health Insurance found the private data of over 5 million of its users and employees leaked on the dark web. Therefore, the security of health data remains a primary concern when it comes to the implementation of the National Digital Health Mission.
STAGGERING SCALE OF THE MISSION
For a mission covering more than 130 crore people serviced by nearly 12 lakh practitioners, 69,000 public and private sector hospitals (including 25,778 government hospitals), 3,000 drug companies and 18-19 lakh retail pharmacies (inclusive of 5,000 organised retail pharmacies), this is a staggering quantum of data to negotiate. As such, a security breach would not be totally out of the ordinary.
VULNERABILITIES IN HEALTH DATA SYSTEM
Moreover, given the interconnected nature and scale of the programme, which involves such a large spectrum of players underpinned by an assortment of technologies, it is intrinsically riddled with data vulnerabilities. Indeed, the draft Health Data Management Policy lays down rules under which health information providers and users may access data only through designated consent managers, and only after obtaining the informed consent of the data principal, with “true ownership and control” remaining with the data principals. Yet none of these is an iron-clad safeguard against an unscrupulous hacker from outside. That the consent manager is itself to be an electronic system makes it a further point of vulnerability. Then the provision for sharing anonymised data for research and policy formulation is a tricky one because, when combined with other data sets, anonymised data can be re-identified, putting a big question mark over the privacy of the data. Similarly, the provision for personal health identifiers to distinguish one data principal from another is also fraught with risks.
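The re-identification risk in the anonymised-data provision is measurable before any release. The following added example (not code from the Mission or from the writer) computes the k-anonymity of a small constructed release on its quasi-identifiers (pincode, birth year, sex), lists the records that could be singled out, and shows the usual mitigation of generalising those columns. It also computes l-diversity, because a class that is large enough can still leak a diagnosis if every member shares the same one. All records, column names and the generalisation parameters are constructed assumptions for illustration.

```python
from collections import Counter

# Constructed sample of an "anonymised" release: direct identifiers removed,
# but quasi-identifiers (pincode, birth_year, sex) retained alongside the
# sensitive attribute (diagnosis). Every value here is made up.
RELEASE = [
    {"pincode": "110001", "birth_year": 1984, "sex": "F", "diagnosis": "TB"},
    {"pincode": "110001", "birth_year": 1984, "sex": "F", "diagnosis": "Diabetes"},
    {"pincode": "110001", "birth_year": 1984, "sex": "F", "diagnosis": "Asthma"},
    {"pincode": "110002", "birth_year": 1987, "sex": "M", "diagnosis": "HIV"},
    {"pincode": "110003", "birth_year": 1991, "sex": "M", "diagnosis": "Hypertension"},
    {"pincode": "110003", "birth_year": 1992, "sex": "M", "diagnosis": "Hypertension"},
    {"pincode": "110004", "birth_year": 1982, "sex": "M", "diagnosis": "Asthma"},
]

# Columns an outside dataset (an electoral roll, a hospital register) is
# likely to share with the release; assumed for this example.
QUASI_IDENTIFIERS = ("pincode", "birth_year", "sex")


def equivalence_classes(rows, keys=QUASI_IDENTIFIERS):
    """Count how many rows share each combination of quasi-identifier values."""
    return Counter(tuple(row[k] for k in keys) for row in rows)


def k_anonymity(rows, keys=QUASI_IDENTIFIERS):
    """The k of the release: the size of its smallest equivalence class.
    k == 1 means at least one record is unique on its quasi-identifiers and
    can be singled out by anyone holding a dataset with the same columns."""
    classes = equivalence_classes(rows, keys)
    return min(classes.values()) if classes else 0


def records_below_k(rows, k, keys=QUASI_IDENTIFIERS):
    """Rows whose equivalence class is smaller than the required k."""
    classes = equivalence_classes(rows, keys)
    return [row for row in rows if classes[tuple(row[key] for key in keys)] < k]


def l_diversity(rows, sensitive="diagnosis", keys=QUASI_IDENTIFIERS):
    """Smallest number of distinct sensitive values inside any equivalence class.
    l == 1 means some class is homogeneous: knowing a person is in it reveals
    their diagnosis even though no single record can be picked out."""
    groups = {}
    for row in rows:
        groups.setdefault(tuple(row[k] for k in keys), set()).add(row[sensitive])
    return min(len(values) for values in groups.values()) if groups else 0


def generalise(rows, pincode_digits=3, age_band=10):
    """Coarsen the quasi-identifiers: keep only a pincode prefix and bucket
    birth years into bands. This is the standard mitigation; it trades
    precision for larger, safer equivalence classes."""
    out = []
    for row in rows:
        g = dict(row)
        kept = row["pincode"][:pincode_digits]
        g["pincode"] = kept + "*" * (len(row["pincode"]) - pincode_digits)
        g["birth_year"] = (row["birth_year"] // age_band) * age_band
        out.append(g)
    return out


if __name__ == "__main__":
    print("raw release: k =", k_anonymity(RELEASE),
          "| singled-out records:", len(records_below_k(RELEASE, 3)))
    coarse = generalise(RELEASE)
    print("3-digit pincode, 10-year bands: k =", k_anonymity(coarse),
          "l =", l_diversity(coarse))
    coarser = generalise(RELEASE, age_band=20)
    print("3-digit pincode, 20-year bands: k =", k_anonymity(coarser),
          "l =", l_diversity(coarser))
```

On the constructed data the raw release has k = 1 with four records unique on their quasi-identifiers; the default generalisation raises k to 2 but leaves l = 1 (both men born in the 1990s carry the same diagnosis), and only the 20-year band reaches k = 3 and l = 3. The point for a data-release review is that both numbers need to clear a threshold before anonymised data leaves the system.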
FOUNDATIONAL INFRASTRUCTURE
Since the whole Mission is steered by the government, it is critical that the government invests sufficiently in laying down the foundational physical infrastructure, which must be of top quality. Given the federated nature of this health exchange system, device and platform differences must be eliminated as far as possible while evolving a common digital standard applicable across the continuum of care for inpatient, outpatient and remote patient monitoring. The interoperability and portability of patient data from one health facility/hospital to another must be ensured.
SOFTWARE FOR INDIAN CONTEXT
The software standards must be adapted for the Indian context with built-in flexibility, keeping in mind the socio-cultural and economic milieu of the country. Only software for which regular security patches and updates are provided should be deployed. In terms of EMRs and EHRs, a balance between patient privacy and the practitioner’s ease of use must also be accounted for. Critical software would include anti-malware software, data loss prevention software, two-factor authentication software, patch management software, disk encryption software, and logging and monitoring software.
LATEST ENCRYPTION TECHNOLOGIES
There is also a need for employing the latest encryption technologies. Remember, while it’s relatively simple to encrypt data at rest in the cloud, data in use — that is, data being used by an application, and not sitting in storage — is much harder to encrypt.
SURVEILLANCE & REGULAR AUDITING
There is a need for 24×7 security surveillance as well, to ensure that every data byte is highly secure. Then the systems must be audited on a regular basis by an independent auditor. The auditor must be able to audit every configuration change made to multiple server components, including file servers, and track user permission changes. Stringent access processes through password protection must be in place. Ethical hackers must be part of the cyber security teams to regularly check data protection standards and spot vulnerabilities, if any.
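Tracking every configuration and permission change, as the paragraph asks of the auditor, is only useful if someone reviews the records against the rules the organisation has set. The following added example (not code from the Mission, any vendor, or the writer) runs a few review rules over constructed audit records: a tracked change with no change ticket, a change outside the approved maintenance window, a share made world-writable, and an admin role grant. The key=value record format, the host and user names, the tracked action names and the 08:00-20:00 UTC window are all assumptions made for this example, not any product's real log syntax.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Constructed audit records in a simple key=value format used only for this
# example (not the syntax of any real product). Hosts, users and paths are made up.
AUDIT_LOG = """\
2024-03-02T09:15:02Z host=ehr-db01 user=dba_ravi action=config_change object=/etc/postgresql/postgresql.conf change_id=CHG-1042
2024-03-02T23:41:10Z host=file-srv02 user=svc_backup action=permission_change object=/srv/pacs/share perm=0777 change_id=-
2024-03-03T10:02:44Z host=ehr-app01 user=admin_meera action=user_role_change target=nurse_anil role=admin change_id=CHG-1043
2024-03-03T03:12:09Z host=file-srv02 user=svc_backup action=permission_change object=/srv/pacs/share perm=0750 change_id=-
2024-03-03T11:00:00Z host=ehr-app01 user=admin_meera action=login object=- change_id=-
"""

# Actions the auditor wants every occurrence of (assumed names).
TRACKED_ACTIONS = {"config_change", "permission_change", "user_role_change"}
# Assumed approved maintenance window in UTC hours: inclusive start, exclusive end.
WINDOW_START, WINDOW_END = 8, 20

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Split one record into a dict: parsed UTC timestamp plus the key=value fields."""
    ts_text, _, rest = line.partition(" ")
    ts = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    event = {"ts": ts}
    event.update(KV_RE.findall(rest))
    return event


def check_event(event):
    """Apply the review rules to one parsed event; return the names of the rules it trips."""
    findings = []
    if event.get("action") not in TRACKED_ACTIONS:
        return findings  # logins etc. are kept in the log but not reviewed here
    if event.get("change_id", "-") == "-":
        findings.append("change_without_ticket")
    if not WINDOW_START <= event["ts"].hour < WINDOW_END:
        findings.append("outside_maintenance_window")
    perm = event.get("perm")
    if perm and int(perm, 8) & 0o002:  # "other" write bit set
        findings.append("world_writable_permission")
    if event.get("action") == "user_role_change" and event.get("role") == "admin":
        findings.append("admin_role_granted")
    return findings


def audit(log_text):
    """Run every record through the rules; return one finding per tripped rule."""
    results = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        event = parse_line(line)
        for rule in check_event(event):
            results.append({
                "line": lineno,
                "host": event.get("host"),
                "user": event.get("user"),
                "action": event.get("action"),
                "rule": rule,
            })
    return results


def summary(findings):
    """Count findings per rule, the shape an auditor's report usually starts from."""
    return Counter(f["rule"] for f in findings)


if __name__ == "__main__":
    found = audit(AUDIT_LOG)
    for f in found:
        print(f"line {f['line']}: {f['rule']} ({f['user']}@{f['host']}, {f['action']})")
    print(dict(summary(found)))
```

Against the constructed log this yields six findings: the out-of-hours, ticketless change that made the PACS share world-writable trips three rules on its own, the later tightening to 0750 still trips two because it also lacks a ticket, and the admin grant is flagged for review even though it was ticketed. Real deployments would read the records from the servers' own audit facilities rather than a string, but the rule structure is the same.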
DATA SECURITY MEASURES
At the same time, it is also incumbent on the partner healthcare facilities, practitioners, drug companies, diagnostic centres, pharmacies, and even individuals to prepare themselves with the utmost data security measures. For instance, since EHRs in hospitals need to upload/download large files, images and radiology scans from remote servers, a dedicated broadband pipe must be available within the hospital. Then, the picture archiving and communication system (PACS) server for Digital Imaging and Communications in Medicine (DICOM) files must be made completely secure through robust access processes.
PRIVACY VS SECURITY OF HEALTH DATA
Although privacy and security of data are intricately linked with each other, there is a subtle distinction between the two. In a country where social approval and acceptance are a measure of a person’s well-being, and being ill or diseased serves as a ‘social deflator,’ an individual’s wish to access health services anonymously is a matter of privacy. Against this, security is more about authorities misusing that data for surveillance purposes, or businesses/individuals illegally using that data for private or commercial use.
In sum, only a continued spotlight on data security will eventually lead to a foolproof system. Remember, this is a top-down system initiated by authorities. Unless the people and the workforce are adequately trained in digital technologies, the system will remain vulnerable to misuse.
The writer is founder and CEO of Lisianthus Tech. The views expressed are personal.