New Delhi, Sept. 9: India took an ambitious step towards the practice of telemedicine amid fears that the data collected from citizens could be misused in the absence of a law to protect it.
The information and technology ministry, which is working on a telemedicine project in collaboration with the Calcutta-based School of Tropical Medicine, today submitted a draft to the communications and information technology ministry.
It will be discussed with the health ministry and state governments before implementation of the telemedicine project.
“We have set up a project in association with the School of Tropical Medicine in Calcutta. This hospital is connected with three health centres at Cooch Behar and Howrah through a high-speed network. Patients can be checked by doctors from the school and get prescriptions at a normal fee to be charged by the service provider,” said B.S. Bedi, senior director in the department of information and technology, ministry of communications and information technology.
A special project for the Northeast in association with the Naga Hospital at Kohima has been proposed.
Among the suggestions is a network with a data speed of 384 kilobytes per second for telemedicine. At this speed, doctors at a specialised hospital anywhere in the country can examine patients even in far-flung areas of the Northeast or Jammu and Kashmir and prescribe medicines within a short span.
Another recommendation for “minimum data sets” — health records that an individual may not like to be made public for fear of commercial or security risk, but is absolutely essential for the practice of telemedicine — could stir a hornet’s nest.
Sources in the IT ministry committee that submitted the draft said: “We had problems in finalising the details of minimum data sets. It is a controversial issue, as has been witnessed in the US and other European countries where telemedicine and health record keeping are at an advanced stage.”
The key problem in India is the lack of a data protection law. “In India, we do not have any data protection law. There is need for such a law as the data would be of immense commercial value to companies and the government. It is a sad situation where the Information Technology Act, 2000, defines the word ‘data’, but is silent on data protection,” said Pavan Duggal, advocate and an expert on cyber law.
A minimum data set is a widely accepted set of terms and definitions making up the core of data acquired for medical records. The panel has suggested that they should be based on two formats — one, common for all diseases and another, specific to some diseases.
In the first format, the data collected is standard across all diseases and conditions such as referrals and demographics.
Referral information includes details such as source of referral, referrer’s code, while demographic information will contain one’s family name, surname, permanent address, literary status, annual income and so on.
In the second, the data collected would be for specific diseases and conditions such as disease assessment, disease stage, risk factors, complications, treatment and outcomes.
Personal data is a very delicate issue and can be misused by anybody, like narrow religious outfits or by fly-by-night operators. Sensitive data can be classified as identification of racial and ethnic origin of an individual, political opinions, religious beliefs, membership of a trade union, physical or mental health conditions, sex life, criminal offences, criminal proceedings and convictions.
Communications and information technology minister Arun Shourie recently said: “We have formulated a draft on data protection and it would be circulated to the ministries concerned. We do not wish to hurry up as this is being examined by many countries in Europe.”
In the US, the Enactment of Data Protection Act, 1978, and the Health Insurance Portability And Accountability Act, 1996, not only stipulate the way for standardisation of format to maintain health records, but also lay down penalties for those misusing the data.