Intelligent tools are required to analyse the interaction between treatment, disease variability, gender, age, and other variables. While intuitive understanding just grows among experts. In the absence of analytical tools, patterns cannot be identified easily.

Low-cost Medical Screening Solutions In many small places, advance diagnostic facilities such as MRI and basic diagnostic tools such as X-Ray are not available. India has reported less than 10,000 radiologists. Low-cost medical screening solutions are required to reach better health care to rural areas. This includes low-cost imaging devices, portal powerful screening equipment’s, Internet screening support with AI algorithms running in the back end, etc.

Machine-learning systems on signals helpline call analysis, symptomatic case reports, weather and environmental conditions, and other correlates hold promise.

Clinical decision support systems: ML/AI-based decision support systems can aid doctors and healthcare workers in resource constrained settings, improving quality of screening, pathology, diagnosis, therapeutic pathways, prevention of drug interactions and contradictions, and triaging of referrals.

AI for supply chains: Use of tracking and prediction can reduce stock-outs in dispensaries due to seasonal and local variation of demand, wastage due to expiration and pilferage, and spoilage during supply.


Guidelines on Ethical Issues: There is a need to evolve comprehensive guidelines on ethical issues such as fairness, transparency, and accountability in consultation with the stakeholders including civil society. While formulating the guidelines, we should also consider the code of ethics for IT systems developed by professional societies like IEEE. It can’t be one-time exercise; the guidelines have to be reviewed and updated periodically.

Infrastructure Development: In order to promote the responsible uses of AI, government should invest in the development of bias-free datasets and techniques/tools for building fairness, transparency, and accountability features in the systems.

Testing and Certification: Necessary resources need to be created for testing and certification of AI systems for the desirable ethical features such as fairness, transparency, etc. An independent organization may be entrusted with this responsibility.

Incentives for Compliance: Incentives should be provided for compliance. For instance, when Government procures IT systems to provide different services to the public, compliance to the guidelines on ethics should be made mandatory.

Public Empowerment: Awareness on the ethical issues must be created and information on the working of the AI system should be shared with the public so that people can seek explanation if decision of an AI system makes an adverse impact on them. This will put required pressure on the system designers to incorporate the desirable feature.


For the purposes of these recommendations, the term “privacy” shall mean that only those person or people(s) including organizations duly authorized by the patient may view the recorded data or part thereof.

The term “security” shall mean that all recorded personally identifiable data will at all times be protected from any unauthorized access, particularly during transport (e.g., from healthcare provider to provider, healthcare provider to patient, etc.). The term “trust” shall mean that person, persons, or organizations (doctors, hospitals, and patients) are those who they claim they are.

The following approaches are to be adopted wherever applicable to address the aspects that the terms mentioned above refer to:

  • Privacy would refer to authorization by the owner of the data (the patient)
  • Security would have as components both public and private key encryption; the encryption techniques used in transit and at rest need to be through different methodologies.
  • Trust would be accepted whenever a trusted third party confirms identity


Protected Health Information (PHI) would refer to any individually identifiable information whether oral or recorded in any form or medium that (1) is created or received by a stakeholder; and (2) relates to past, present, or future physical or mental health conditions of an individual; the provision of health care to the individual; or past, present, or future payment for health care to an individual.

Electronic Protected Health Information (ePHI) would refer to any protected health information (PHI) that is created, stored, transmitted, or received electronically. Electronic protected health information includes any medium used to store, transmit, or receive PHI electronically.

As per the Information Technology Act 2000, Data Privacy Rules, refers to ‘sensitive personal data or information’ (SPI) as the subject of protection, but also refers, with respect to certain obligations, to ‘personal information’ (PI). Sensitive personal information is defined as a subset of personal information. Followings are Sensitive personal information that relates to:

  1. Passwords
  2. Financial information such as bank account or credit card or debit card or other payment instrument


  1. Physical, psychological, and mental health condition
  2. Sexual orientation
  3. Medical records and history
  4. Biometric information

. Any detail relating to (1) – (6) above received by the body corporate for provision of services.

  1. Any information relating to (1) – (7) that is received, stored, or processed by the body corporate under a lawful contract or otherwise


  • The physical or electronic records, which are generated by the healthcare provider, are held in trust by them on behalf of the patient
  • The contained data in record which are the protected health information of the patient is owned by the patient himself / herself.
  • The medium of storage or transmission of such electronic medical record will be owned by the

healthcare provider.

  • The “sensitive personal information (SPI) and personal information (PI)” of the patient is owned by the patient herself. Refer to IT Act 2000 for the definition of SPI and PI.


  • Regulations are to be enforced to ensure confidentiality of the recorded patient/medical data and the patient should have a control over this.
  • Patients will have the sufficient privileges to inspect and view their medical records without any time limit. Patient’s privileges to amend data shall be limited to correction of errors in the recorded.

patient/medical details. This shall need to be performed through a recorded request made to the

healthcare provider within a period of 30 days from the date of discharge in all inpatient care settings or 30 days from the date of clinical encounter in outpatient care settings. An audit of all such changes shall be strictly maintained. Both the request and audit trail records shall be maintained within the system.

  • Patients will have the privileges to restrict access to and disclosure of individually identifiable health information and need to provide explicit consent, which will be audited, to allow access and/or disclosures.
  • All recorded data will be available to care providers on an ‘as required on demand’ basis


  • For use in treatment, payments, and other healthcare operations: In all such cases, a general consent must be taken from the patient or next of kin, etc. as defined by the MCI.
  • Fair use for non-routine and most non-health care purposes: A specific consent must be taken from the patient; format as defined by MCI.
  • For certain specified national priority activities, including notifiable/communicable diseases, the

health information may be disclosed to appropriate authority as mandated by law without the patient’s prior authorization.

  • Instances where use and disclosure without individual authorization will be possible are as follows:

Complete record with all identifiers in an “as-is” state, on production of court order.

  • Totally anonymized data, where the anonymization process involves the complete removal of all information that allows the identification of the patient. (List of such personally identifiable information is provided below)


  • Protect and secure the stored health information, as per the guidelines specified in this document
  • While providing patient information, remove patient identifying information (as provided in the list

below) if it is not necessary to be provided.

  • Will ensure that there are appropriate means of informing the patient of policies relating to her/his rights to health record privacy
  • Document all its privacy policies and ensure that they are implemented and followed. This will include:
  • Develop internal privacy policies
  • Ensure implementation of privacy policies, audit, and quality assurance
  • Provide privacy training to all its staff


Patient will have the privilege to carry out the activities detailed below, personally, or through them.

appointed representative.

  • Patients can demand from a healthcare provider a copy of their medical records held by that healthcare provider, which should be provided within 30 days of receipt of communication of request.
  • Patients can demand from a healthcare provider that stores/maintains his/her medical records, to

withhold, temporarily or permanently, specific information that he/she does not want disclosed to

other organizations or individuals.

  • Patient can demand information from a healthcare provider on the details of disclosures performed on the patient’s medical records for any reason whatsoever. When demanded, following details are to be provided for each instance of disclosure:
  • Date of the disclosure
  • Name and address of the entity or person who received the information
  • Brief description of the medical information disclosed
  • Brief summary of the purpose of the disclosure


Healthcare provider will be able to deny information to a patient or representative or third party, in contravention of normal regulations, if in the opinion of a licensed healthcare professional the release of information would endanger the life or safety of the patients and others. This will include but not be limited to as follows: Information obtained from an anonymous source under a promise of confidentiality.

  • Psychotherapy notes.
  • Information compiled for civil, criminal, or administrative action.


Preservation of medical records assume significant importance in view of the fact that an electronic health record of a person is an aggregation of all electronic medical records of the person from the very first entry to the most recent one. Hence, all records must compulsorily be preserved and not destroyed during the lifetime of the person, ever.

Upon the demise of the patient where there are no court cases pending, the records can be removed from active status and turned to inactive status. HSPs are free to decide when to make a record inactive, however, it is preferable to follow the “three (3) year rule” where all records of a deceased are made inactive three (3) years after death.

It is however preferred, and the HSPs are strongly encouraged to ensure, that the records are never be destroyed or removed permanently. The health of the blood relatives and natural descendants of the person can be strongly influenced by the health of the person and on-demand access to these may prove to be hugely useful in the maintenance of the health of the relations.

Furthermore, analysis of health data of all persons is expected to greatly benefit in the understanding of health, disease processes and the amelioration thereof.

With rapid decline in costs of data archiving coupled with the ability to store increasing amounts of data that may be readily accessible, continued maintenance of such data is not expected to lead to any major impact on the overall system maintenance and use.


Data are “individually identifiable” if they include any of the under mentioned identifiers for an individual or for the individual’s employer or family member, or if the provider or researcher is aware that the information could be used, either alone or in combination with other information, to identify an individual. These identifiers are as follows:

  • Name
  • Address (all geographic subdivisions smaller than street address, and PIN code)
  • All elements (except years) of dates related to an individual (including date of birth, date of death, etc.)
  • Telephone, cell (mobile) phone and/or Fax numbers
  • Email address
  • Bank Account and/or Credit Card Number
  • Medical record number
  • Health plan beneficiary number

Certificate/license number

  • Any vehicle or other any other device identifier or serial numbers
  • PAN number
  • Passport number
  • AADHAAR card
  • Voter ID card
  • Fingerprints/Biometrics
  • Voice recordings that are non-clinical in nature
  • Photographic images and that possibly can individually identify the person
  • Any other unique identifying number, characteristic, or code


The existing Indian laws including IT Act 2000 and their amendments from time to time would prevail.