Companies will be required to enter into non-disclosure agreements with employees when dealing with data processing for the government's Pradhan Mantri Jan Aarogya Yojana (PMJAY) public health insurance scheme, according to new guidelines released by the National Health Authority on July 15th. The guidelines specify grievance redressal mechanisms for entities handling data under the scheme, security standards they should implement for them, including implementing non-disclosure agreements with those processing such data, how they should deal with data breaches, an outline for a grievance redressal mechanism, principles to follow in privacy policies and so on. We have summarised its provisions below. Comments have been invited on the guidelines until July 25th and can be mailed to datasharing.mel@nha.gov.in Called the draft Data Sharing Guidelines, the consultation paper proposes regulation of data collection, use, processing, etc. by entities or implementing schemes under the government's flagship health insurance program PMJAY which provides a cover of upto Rs 5 lakh per family, for secondary and tertiary care. Why it matters? The guidelines could have a significant impact on how health data of 50 Crore people, that PMJAY claims to cover, will be collected, used, and processed by insurers. This becomes important as researchers have previously raised concern that digitisation of health could mean that health insurance providers could use health data to refuse to issue policies or increase premiums for people who may not seem satisfactorily healthy. Further, the guidelines have also been released for public consultation for only 10 days - a period which…
