How are e-health services regulated in India? Vandana Pai Bharucha and Aakanksha Pagnis explain
A recent report states that as of September 2016, the Indian healthcare sector had seen 88 investment deals totalling US$397.41 million. Of these, 73 investment deals amounting to US$113.45 million related to healthcare startups. A number of these companies provide “e-health services”, hailed as one of the pillars of the Digital India campaign.
The term e-health essentially covers any business model combining healthcare services and technology. It covers services as diverse as telemedicine (the remote provision of healthcare services including diagnostics and education using telecommunication technology); m-health (medical and health practices supported by mobile and other wireless devices); electronic health records (conversion of patient records and data into electronic form); online e-health learning platforms (web applications allowing medical professionals to form communities, exchange information and discuss cases); e-pharmacies (the sale of medicines online); on-call healthcare services (providing healthcare services to consumers at home or outside of clinics and hospitals), etc.
While many e-health services are unregulated, the Indian government is increasingly recognizing their importance and seeking to formulate appropriate regulations. Key initiatives recently taken by the Ministry of Health and Family Welfare include:
- Launching the National Rural Telemedicine Network for e-healthcare delivery;
- Notifying the Electronic Health Record Standards on 30 December 2016, which include standards for patient identification, architectural requirements, e-prescriptions and data ownership; and
- Proposing the setting up of a National e-Health Authority.
Other requirements applicable to e-health service providers include:
Data security: A company collecting, receiving and managing sensitive personal data or information must abide by the standards prescribed under the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, which include obtaining written consent from the information provider, disclosure only with prior permission, maintaining adequate security practices, etc.
Application services: Entities providing services such as telemedicine by using telecom resources are categorized as “other service providers” (OSPs) and need to comply with the Terms and Conditions for OSP Category dated 5 August 2008, issued by the Ministry of Communications and Information Technology.
Medical practitioners: Medical practitioners rendering services through e-health platforms are required to comply with the Indian Medical Council Act, 1956, and the regulations framed under it.
Consumer protection: The Supreme Court in Indian Medical Association v VP Shantha held that services rendered by medical practitioners (except when rendered free of charge to every patient or under a contract of personal service) fall within the ambit of “service” under the Consumer Protection Act, 1986 (CPA). Consequently, e-health services are also likely to be classified as a “service” under the CPA.
As for coverage of e-health services under insurance policies, the position remains unclear. Health insurance regulations issued by the Insurance Regulatory and Development Authority of India (IRDAI) as recent as the IRDAI (Health Insurance) Regulations, 2016, and the IRDAI (Third Party Administrators – Health Services) Regulations, 2016, do not provide for e-health insurance.
While e-health has the potential to address a growing need in India, delivery models are developing faster than existing regulations. It is important for the government to implement effective regulations without stifling the growth of the sector.