DISHA (Digital Information Security in Healthcare Act) will enable the digital sharing of personal health records with hospitals and clinics, and between hospitals and clinics; it will be the basis for the creation of digital health records in India. As we've reported earlier, the National Health Policy has green-lit the creation of a National Health Information Network, for sharing of Aadhaar linked Electronic Health Records. DISHA appears to lay the groundwork for many health exchanges. The Ministry of Health and Family Welfare is taking inputs on DISHA till the 21st of April 2018. Submit your comments to egov-mohfw@nic.in. Summary: Digital Information Security in Healthcare Act (DISHA) (download) 1. Ownership of digital health data and rights of the data owner The digital health data generated, collected, stored or transmitted shall be owned by the individual whose health data has been digitised; A clinical establishment or Health Information Exchange shall hold such digital health care data, and any other entity who is in the custody of any digital health data shall remain the custodian of such data, and "shall be duty bound to protect the privacy, confidentiality and security of such data" The owner of digital health data can shall have the following rights: Consent: "the right to privacy, confidentiality, and security of their digital health data" and the right to refuse consent "for the generation and collection of digital health data by clinical establishments and entities," subject to certain exceptions. The right to give, refuse or withdraw consent for the storage…
