wordpress blog stats
Connect with us

Hi, what are you looking for?

What notice provisions can benefit the healthcare sector? #PrivacyNama2023

Rajeev Sharma of Tata 1 Mg talked about the need to create definition for different types of data and data processing for efficient regulation in healthcare

“…there are so many different types of data types in this one data set that if a patient wants to share this data with someone, even inside the hospital ecosystem, whether it’d be a doctor, whether it’d be a nurse, whether it’d be a physiotherapist, whether it’d be an accountant at the reception, it’s very different data sharing that is required for each of the actors and for how long also totally depends on the kind of actor there is and if there is some sort of clarity on that in terms of, okay for a particular category or a set of data, this is the type of data that can be shared, this is the type of data that a user can decide to share or not share…” said Rajeev Sharma, Vice President of Tata 1 Mg, when talking about what kind of guidelines for notice provisions can help the healthcare sector.

Sharma spoke during MediaNama’s flagship event ‘PrivacyNama’ alongisde other speakers such as Abha Tiwari , Legal Head and Data Protection Officer at Renault, Richa Mukherjee, Director of Public Policy and Corporate Affairs at PayU, B. G. Mahesh, Co-Founder of DigiSahamati Foundation, and moderator Sreenidhi Srinivasan, Partner at Ikigai Law to discuss the next steps following the passing of the Digital Personal Data Protection Act, 2023 (DPDP).

The full conversation can be seen here:

This discussion was organised with support from Meta, PhonePe, Google, and Salesforce and in partnership with CUTS, and the Centre for Communication Governance.

Data and its processing must be categorised: Sharma said that there should be guidelines that call for a categorisation of data, its processing and the duration of such activities, especially for the healthcare sector. 

Advertisement. Scroll to continue reading.

In healthcare, entities obtain different types of data from a single user. However, the sharing of these individual  data types depends on whether the user is dealing with a doctor,nurse, physiotherapist, the accountant at the reception, etc. 

“It’s very different data sharing that is required for each of the actors and for how long also totally depends on the kind of actor there is and if there is some sort of clarity… [like] for a particular category or a set of data, this is the type of data that can be shared, this is the type of data that a user can decide to share or not share and there are enough means for [the user] to do it. I think that will really help,” said Sharma.

He added that the above example is specific to a “very low frequency throughout industry where a person would probably go to an outpatient department twice or thrice annually or go to an inpatient department once in 2-5 years. As such he suggested that there can be further definitions for different types of data usage, different types of actors. 

Clarity on data usage helps patients take decisions: He also stressed the need for clarity on the period of retention for various data types and the purpose for using the data since that also helps the user decide how long they want to share the data or withdraw permission for the usage of certain data.

This is important considering in the healthcare sector, patients already have a lot of data before going to a hospital. Then more data is generated and stored in electronic medical record systems with the patient’s chief complaint, history of chief complaint, patient family history, patient’s past history, prescription information, age, name and even, to a certain extent, credit card information.

A case study to highlight the importance of defining and policy-making for various datasets 

Advertisement. Scroll to continue reading.

In another session, Valborg Steingrimsdottir, representing the Data Protection Authority of Iceland, talked about the country’s own Act on scientific research based on health data and how the department has to monitor specific aspects of these researches based on the same. At the same time, other public entities monitor other aspects of these researches, which often leads to conflict. For example, there was a conflict between a private entity storing genetic information and the public hospital doing research on COVID-19 patients. 

“We had three major decisions where we came to the conclusion that there was a breach of both the Data Protection Act, as well as this Act on the scientific research. And we found that was a bit difficult for our cooperation with the other surveillance authorities, because we were not in complete agreement on how to interpret these Acts. But this is something that we take very seriously, because especially these researches, when you collide these health data and the genetic data, this can have a great consequence for people,” said Steingrimsdottir.

Also Read:

STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!


Written By

I'm interested in the shaping and strengthening of rights in the digital space. I cover cybersecurity, platform regulation, gig worker economy. In my free time, I'm either binge-watching an anime or off on a hike.

Free Reads


TRAI first introduced the idea of displaying the caller's name in a consultation paper back in 2022.


As per reports, the Unmanned Aerial Vehicles (UAVs) will be enabled with 5G capability and will be built to function in extreme temperatures and...


One of the X posts on Krutrim that blew up was about the AI model claiming that it was created by OpenAI as opposed...

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Notably, Indus Appstore will allow app developers to use third-party billing systems for in-app billing without having to pay any commission to Indus, a...


The existing commission-based model, which companies like Uber and Ola have used for a long time and still stick to, has received criticism from...


Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ