Select Page

This article was originally published in the Indian Express.

This is in follow up to the recently held Radcliffe Advanced Seminar, “Exchanging Health Information.”


By Satchit Balsari, Fellow at the FXB Center for Human Rights and Tarun KhannaJorge Paulo Lemann Professor, Harvard Business School; Director, South Asia Institute

Ten years ago, it would have been impossible to imagine a world where tapping a piece of glass in the palm of your hand would allow you to watch a movie, order food, hail a cab, or transfer money without leaving your couch. Through companies like Ola, Flipkart and Chaipoint, Indian entrepreneurs have moulded Silicon Valley’s best ideas to successfully meet local needs. Yet, a decade after the ways in which we search, navigate, buy, communicate and entertain ourselves have radically changed, health-services in India remain largely unaffected by the power of the internet. We archive doctor’s prescriptions, labs and X-ray results the same way we did decades ago. Polythene bags with scraps of paper, EKG strips, and scans are carefully stored in our homes and diligently carried from one doctor to the next, from one hospital to the other — and this is the best-case scenario. To date, the vast majority of Indians has no organised medical records, whether paper or electronic.

The Government of India is now scheduled to launch the National e-Health Authority (NeHA). A regulatory body, tasked with overseeing the digitisation of health information, NeHA holds great promise.

Imagine a health information network where all disparate contributors to health information are allowed to communicate with each other. Thousands of apps that constantly access information from our devices already do this — some with our knowledge, and others without. Our location, phone book, camera, voice, fingerprints, and even our habits and movements are all being tracked. This is facilitated through so-called application programming interfaces or APIs that allow sets of databases or software to communicate with each other.

Healthcare APIs would allow the doctor’s iPad to talk to the chemist’s cash register, and lab tests to communicate with the hospital’s database. With selected access to healthcare data, thousands of apps could be developed for patients, doctors, researchers, and policy makers — an app to remind mothers to vaccinate their children, push notifications to remind you to take your medication, or an alert that you are traveling to an epidemic belt. Scientists could search through hundreds of millions of records to find cures and validate current practices, policymakers would be able to conduct disease surveillance and formulate public health interventions, clinicians and patients would have timely access to their records.

This seemingly utopian health information ecosystem is not without rather obvious challenges: The poor uptake of electronic records by doctors in India, the lack of inter-operability between systems and devices, and the legitimate concern for privacy, security and safety of medical data are all formidable barriers. Any health information architecture proposed by NeHA must therefore hardwire technical or legal solutions to these challenges.

First, to get doctors to adopt electronic medical records (EMRs), any proposed systems must be easy to use and affordable. Careful attention must be paid to human-centered design and data minimisation (collecting only the data you need). In the US, insurance companies drove digitisation, resulting in the deployment of cumbersome billing tools that masquerade as electronic medical records, causing widespread workplace dissatisfaction and physician burnout. All too often, health information systems’ design and implementation strategies do not include end-users. Doctors are more likely to voluntarily adopt solutions that improve workflow, efficiency and access to information. The lack of inter-operability poses another challenge. The highly sequestered systems in US hospitals are not portable and result in duplication of tests and wanton waste. Risk-averse institutions and outdated laws have stymied digital innovation in healthcare. Millions are now being spent on retrofitting these systems to make them inter-operable, as required by the US Affordable Care Act. Such retrofitting can be bypassed in India.

The very lack of entrenched legacy EMRs in India provides a unique greenfield to mandate an API-based ecosystem incorporating inter-operability and standardisation at inception. But the easier the data flow between entities, the greater the potential for abuse. Inter-operability will need more than law and mandates. Substantial intellectual rigour must be devoted to building safeguards to protect the most vulnerable — the patients. The new law accompanying NeHA is expected to explicitly rest data ownership with the patients. We recommend a more nuanced strategy that thinks of ownership in terms of control and access, so as to protect patients and providers without stymying research or policy making. Were India to adopt an API-based ecosystem, who will control what data? Who will have access to what data? When can the doctor access your health information and when can she not? Should the government be allowed to query hospital databases to monitor epidemics? And more importantly, who gets to make these decisions — computer algorithms, smartphone menus, committees, or a combination thereof?

Even with all the protective laws in place, such a system will take considerable time to populate. It needs to be seeded with large-scale initiatives to reach critical mass. Large private hospital systems are well positioned to open up their digital platforms to API-based solutions. Government schemes like the proposed National Health Protection Scheme (NHPS) have the power to reach tens of millions. Hardwiring an API-based architecture into the NHPS could tip the balance in favour of widespread adoption of health information systems. A common patient identifier would also be central to this architecture. Whether the Unique Identification Authority of India (UIDAI) becomes the de facto identifier, or whether it serves as part of a two-step verification process, Aadhar deserves serious attention given its near-ubiquity.

NeHA and regulatory laws that define India’s health information landscape will have deep, long-lasting ramifications on healthcare delivery. Giving primacy to the needs of patients and clinicians; adopting human-centered design; abandoning traditional institution-based EMRs in favour of an API-based eco-system; and passing privacy laws in sync with these new technologies, can usher in an era of unprecedented growth in the scope, quality and safety of Indian healthcare.

The necessary ingredients are all present: A digital health greenfield, robust telecom infrastructure, unique ID authentication, and a large talented pool of IT professionals. Utilising them may allow India to shape healthcare delivery globally.