To facilitate the promotion and adoption of e-Health standards, along with the privacy and security measures they entail for electronic health data and the regulation of storage and exchange of electronic health records (EHRs), the Ministry of Health and Family Welfare, Govt. of India, is planning to enforce a ‘Digital Information Security in Healthcare Act’ (DISHA). The purpose of this act is to ensure electronic health data privacy, confidentiality, security and standardization, and to provide for the establishment of a ‘National Digital Health Authority’, Health Information Exchanges, and related matters. In order to protect the rights of the Digital Health Data Subject, the Act includes the principles of purposeful collection (Section 29), lawful collection (Section 30), secured storage (Section 32), secured transmission (Section 33), access provision (Section 34), imposition of all the liabilities under Information Security Management (Section 35), rectification option (Section 36), etc.

The Data Privacy Rules under the Information Technology Act 2000 refer to ‘sensitive personal data or information’ (SPI) as the subject of protection, but also refer, with respect to certain obligations, to ‘personal information’ (PI). Sensitive personal information is defined as a subset of personal information. The Medical Council of India's Code of Ethics Regulations protects patient confidentiality. The existing Indian laws, including the IT Act 2000 and their amendments from time to time, would prevail over the Ethical, Legal, Social Issues (ELSI) Guidelines, Protected Health Information (any individually identifiable information), disclosure of protected / sensitive information, etc.

The basic requirements for security and privacy are provided in the following standards:

1. ISO/TS 14441:2013 Health informatics - Security & Privacy Requirements of EHR Systems for Use in Conformity Assessment

2. ISO 27799 Health informatics - Information Security Management in Health using ISO/IEC 27002

3. ISO 22600:2014 Health informatics - Privilege Management and Access Control

4. ISO 27789:2013 Health informatics - Audit Trails for Electronic Health Records

5. ISO 17090 Health informatics - Public Key Infrastructure (a health record system must use this standard where digital certificates are used)
