The COVID-19 epidemic has forced Indians to embrace digital change and re-evaluate present healthcare norms. In-person consultations are no longer preferred over digital platforms by over 60% of patients and 65% of doctors. The market’s expansion has been fuelled by the Internet’s and cell phones’ quick uptake and favourable government regulations. In 2021, India’s digital healthcare industry was estimated to be worth INR 524.97 Billion. It is anticipated to grow at a CAGR of 28.50% from 2022 to 2027, reaching INR 2,528.69 Billion.
In the broadest definition, ‘digital health’ refers to the use of digital technologies to improve healthcare efficiency of the parents and give patients more personalised treatment. In India, there is no legal definition for digital health and digital medicine.
The Indian digital healthcare sector is transforming due to new health technologies, including wearable technology, telemedicine, genomics, virtual reality (VR), robots, and artificial intelligence (AI). India is also on the verge of a ‘digital health’ revolution, similar to many other economies. In India, the delivery of value-based care throughout the healthcare continuum depends heavily on digital health technology. Particularly in Tier II and III towns in India, adaptive intelligence solutions can assist in decreasing the barriers between hospitals and patients, boosting access to care and raising overall patient satisfaction.
What Do We Mean By Digital Healthcare?
The phrase ‘Digital Health’ is all-inclusive and refers to any applications that are developed at the nexus of technology and healthcare. Digital health is “A broad umbrella term embracing eHealth, as well as new disciplines, such as the application of advanced computer sciences in big data, genomics, and artificial intelligence,” according to the World Health Organization (WTO).
The confluence of digital technologies in terms of health, healthcare for society, enhancing delivery, and making medicine and healthcare more individualised and accurate are known as digital health or digital healthcare programmes. Digital healthcare refers to the application of information and communication technology to the management of patient-related problems and concerns. Both hardware and software solutions are part of these technologies. It can include everything from ingestible sensors to wearable technology, mobile health apps to artificial intelligence, robotic carriers to electronic records, and web-based analysis to sensors for remote monitoring. It essentially involves bringing digital transformation to the healthcare industry and services through disruptive technology and cultural dynamics.
Segments of Digital Healthcare
The two market segments of digital healthcare are e-health and digital fitness & well-being. Digital fitness and well-being made up 81.69 per cent of the total income in 2021. An Indian millennial spends INR 4,000 on health and fitness on average per month. E-health is expected to maintain an 18.75 per cent market share in 2027, up from its 18.31 per cent proportion of overall revenue in 2021. India is the second-most advanced developing nation when it comes to the use of mobile health.
The phrase ‘Digital Health’ refers to a wide variety of uses. Many important uses are covered below:
- Telemedicine: Using telecommunications technology to deliver healthcare is known as telemedicine. Although though it is not a distinct field of medicine in and of itself, telemedicine stands out for using a variety of technology to deliver conventional medical treatments remotely. It is a comprehensive term that includes tele-radiology, tele-consultation, tele-nursing, tele-ICU, and tele-surgery within its scope.
- Point-of-care Diagnostics: Point-of-care Diagnostics (POCD) is an emerging trend in the medical device sector and includes a wide range of devices that allow people or healthcare professionals to make reliable diagnoses in settings with minimal resources. It makes illness management, monitoring, and real-time condition diagnosis easier. Recent years have seen the development of several applications, including biosensors, portable x-rays, handheld ultrasounds, and smartphone-based POCD.
- M-Health: The delivery of digital health services via a mobile platform is known as mobile health, or m-Health. More participants may now actively participate in the transformation because of the ease of digital health combined with the mobility of m-health.
- Medical Virtual Assistants: MVAs (Medical Virtual Assistants) are a new trend in the m-Health industry. Virtual health assistants and chatbots fill in the gap between patients and doctors and tend to patients’ needs in between physical appointments by reminding patients to fill their prescriptions, giving them information on their conditions, scheduling appointments, keeping track of their health records, and performing other administrative duties. MVAs often use AI-based tools to evaluate massive data volumes and offer individualised advice.
- Self-monitoring digital healthcare devices: Wearables are increasingly being built with monitors and sensors that can track a variety of physiological changes in the body. These sophisticated gadgets can monitor your weight, sleep habits, posture, nutrition, and exercise regimen.
- Electronic Health Records (EHR): The electronic health records of a patient are stored digitally. EHRs assist in removing the issues with physical records including loss and accessibility. No matter where or when the data was gathered, EHRs may be accessed anytime from a central location.
- Blockchain in healthcare: The term ‘blockchain’ has recently gained popularity in the data business. It is changing how data is stored, accessed, shared, and privately handled online. Given that the healthcare sector relies on enormous amounts of data, blockchain-enabled technologies provide a chance to facilitate the switch from the conventional volume-based healthcare system to a value-based one. In particular, the implementation of blockchain initiatives can improve the flow and integration of health data management and information sharing across the many stakeholders.
Government Initiatives towards Digital Healthcare
In India, the three primary types of digital healthcare programmes are State Programs, Central Sector Programs, and Centrally Funded Programs. The highest authority at the central level is with the Ministry of Health and Family Welfare (MOHFW).
- National Digital Health Mission
On the 74th anniversary of India’s independence, Prime Minister Narendra Modi launched the National Digital Health Mission (NDHM), a blueprint for the National Digital Health Stack that was based on the National Digital Health Blueprint. The Ayushman Bharat Pradhan Mantri Jan Arogya Yojana’s National Digital Health Mission (NDHM) (AB-PMJAY).
On August 15, 2020, Prime Minister Narendra Modi announced the National Digital Health Mission. By granting patients access to real-time health information, the objective is to develop an integrated healthcare system that connects practitioners and patients digitally. This will encourage timely and organised healthcare throughout the nation. The National Health Authority (NHA), an agency of the Ministry of Health and Family Welfare, is in charge of carrying it out. The primary goal of this effort was to build a national ecosystem for digital health that supports universal healthcare.
- Ayushman Bharat Digital Mission
A committee headed by Shri J. Satyanarayana was established in accordance with the National Health Policy, 2017, to create an implementation strategy. The National Digital Health Blueprint, 2019 (NDHB), created by this committee, lays out the fundamental elements and an action plan for the full and all-encompassing implementation of digital health in India. To build a digital health ecosystem, MoHFW unveiled the National Digital Health Mission (NDHM) on August 15, 2020, based on the NDHB. The NDHM started off as a trial programme in six union territories. It has been renamed Ayushman Bharat Digital Mission (ABDM) and is now applicable across the country one year after it was put into effect. At the moment, joining the ABDM is optional. By 2025, the ABDM hopes to have a national health information network, health information exchanges, and a federated health information architecture in place. When fully functional, the healthcare system will be a safe, interoperable one that makes it possible for patients to access and transfer their medical records between public and private healthcare facilities.
- Health Data Management
For the digital health ecosystem under ABDM, the Health Data Management Policy, 2020 (HDM) establishes the basis for security by design. According to the HDM, three distinct Health IDs will be created: one for patients (Health ID), one for doctors (Health Practitioner ID), and one for medical facilities (Health Facility ID). Each ID has a unique set of data access privileges and permissions. The HDM Policy also establishes guidelines for how to use the patient’s health data and grants them full ownership of it. When the ABDM is fully operational, all patient data will be linked to a single Health ID, making it simpler for patients and medical professionals to access patient medical histories when making clinical choices. To help the government make data-driven healthcare policy decisions and to better understand public health trends, the data may also be used in an anonymised form.
The ABDM Sandbox is a framework that will enable innovations or goods to be evaluated in a controlled environment in accordance with NDHM standards and evaluate how the market and consumers will respond to the same before being made widely available. Within this framework, tests on all goods, services, and technology will be conducted. Healthcare or health-tech service providers, including public health initiatives at the federal and state levels, software businesses, hospitals, labs, healthcare aggregators, and health tech firms are the target candidates for the ABDM Sandbox. The main goal of providing a Sandbox under the ABDM is to encourage the integration of existing healthcare IT platforms and systems with the ABDM building blocks. It also aims to enable responsible innovation in the field of health tech services, boost productivity, and benefit consumers. After proving compliance with all applicable data protection and privacy laws, including the proposed rules, only businesses or organisations that are either incorporated, registered, or have a licence to operate in India are permitted to use the sandbox. The Sandbox will be terminated if the company is unable to completely comply with the pertinent standards or does not succeed in fulfilling its intended goal. Enrolling in the Sandbox has the advantage of allowing for product testing on a larger spectrum of customers without requiring a large-scale rollout. It should be emphasised that the Sandbox is not a legal release, and the company will still be responsible for any violations of laws that may have been broken as well as for customer complaints.
- Unified Health Interface
The National Health Authority introduced the Unified Health Interface (UHI), a platform for digital healthcare services under the ABDM, in January 2022.
Services to build an effective digital infrastructure for patients and healthcare professionals. In order to guarantee the interoperability of health services across the nation, it describes the intended design, scope, and roles of UHI. The UHI Gateway, which will allow all ABDM participants to connect and interact using industry-standard protocols, will be managed by the ABDM. Patients and health service providers, such as hospitals, doctors, nurses, pharmacies, etc., will be able to connect through UHI for appointments, consultations, e-prescriptions, etc., as well as the safe transmission of medical information.
Government programmes like Made in India, Digital India, and Start-up India, as well as new business owners and global corporations, are aiming to enhance the healthcare sector.
Investment in Digital Healthcare
In India, the digital healthcare business is growing quickly and has not been as negatively affected by the economic downturn as some of the other sectors. One of the largest rising markets, India, is now a popular place for foreign direct investment. The lack of doctors in rural and semi-urban regions has resulted in a lack of access for residents of these areas to adequate healthcare services. Telemedicine and online pharmacy are two examples of digital health products that are seen to be potential answers to this issue. As the market is growing, it is a good opportunity for the foreign as well as national players to invest in this. Mentioned below are few of the investing options:
- Foreign Direct Investment
The Foreign Exchange Management Act of 1999 (FEMA), the rules and regulation of Reserve Bank of India, and the Industrial Policy and Procedures published by the Ministry of Commerce and Industry through the Secretariat for Industrial Assistance, Department for Promotion of Industry and Internal Trade (DPIIT) all govern foreign investment into India. Regulation 16 of the FEMA (transfer or issuance of security by a person located outside India) Rules, 2017 contains the FDI-related regulations. While the DPIIT regularly produces news releases and policy guidance involving foreign investment into India, it also publishes a comprehensive policy each year (the Consolidated FDI Policy).
- Foreign Venture Capital Investment
Venture capital investments made by organisations registered with the Securities Exchange Board of India (SEBI) as foreign venture capital investors are another essential method of investment. Although while it is not required for a private equity investor to register as a Foreign Venture Capital Investor (FVCI) under the FVCI Rules, doing so has certain important benefits. For the purchase of securities at the time of entrance as well as for the transfer or sale of securities at the time of exit, an FVCI is exempt from compliance with the price rules under the Consolidated FDI Policy. Second, the Takeover Code exempts the company’s promoters from making an open offer when they plan to acquire back the stocks from an FVCI. It should be noted that SEBI has only been approving FVCIs for investments in a select group of designated industries, including pharmaceutical research and development of new chemical entities and units of SEBI registered Venture Capital Funds (VCFs). Moreover, the Reserve Bank of India (RBI) recently modified the foreign currency control laws to allow FVCIs to invest in AIFs registered with SEBI.
Legal and Regulatory Framework
In India, there is no explicit legislation that controls digital health. The following laws are briefly examined since they widely cover digital healthcare sector:
Drugs and Cosmetics Act 1940 read with Drugs and Cosmetics Rules 1945 and Draft E-Pharmacy Rules, 2018
The principal regulatory framework that controls the manufacturing, sale, import, and distribution of medications in India is the Drugs and Cosmetics Act of 1940 (DCA) read with the Drugs and Cosmetics Regulations Rules, 1945 (DCR). The DCA must be enforced, and that responsibility falls on both the central and state governments. The Drug Controller General of India (DCGI) is in charge of the Central Drugs Standard Control Organization (CDSCO), which is primarily in charge of coordinating the activities of the State Drugs Control Organization, developing policies, and ensuring that the DCA is implemented consistently across India. State Licensing Authorities (SLA) are another entity that oversees how the DCA is applied in various states.
According to the DCR, prescription medications can only be provided upon presentation of a valid prescription that complies with the guidelines. Rule 65(10)(a) of the D&C Rules states that a prescription must be in written, signed, and dated by the doctor writing it in order to be legitimate.
In response to the COVID-19 epidemic, the Health Ministry announced in March 2020 that doorstep medicine delivery was now permitted. Significantly, the Notification was issued in accordance with Section 26B of the D&C Act, which enables the Central Government to control the production, sale, and distribution of drugs when doing so is in the public interest, such as during epidemics or other natural disasters.
The National Medical Commission Act, 2019 and The Indian Medical Council (Professional conduct, Etiquette and Ethics) Regulations, 2002
In India, medical education and practice are governed by the National Medical Commission Act, 2019 (the NMC Act). According to the NMC Act, only those with a recognised medical degree and who have completed the National Exit Exam are eligible to register with the State or National Registers in order to get a licence to practise medicine in India.
According to the Indian Medical Council (Professional conduct, etiquette and ethics) Rules, 2002 (also known as the MCI Code), doctors must adhere to certain moral and professional standards while dealing with patients, pharmaceutical firms, and other medical professionals.
Telemedicine Practice Guidelines, 2020
In collaboration with NITI Aayog, the Central Government released the Telemedicine Practice Guidelines, 2020 (Telemedicine Guidelines). These recommendations are now part of the MCI Code and are consequently mandatory for allopathic medical professionals. Along with classifying medications into List O, List A, List B, and Banned Lists, the Telemedicine Guidelines also outline which medications can be provided under what circumstances.
The Drugs and Magic Remedies (Objectionable Advertisements) Act, 1954 and Drugs and Magic Remedies (Objectionable Advertisements) Rules, 1955 (DMRA)
The DMRA was passed in 1954 to prevent the promotion of medications and treatments that were said to have magical properties. According to the DMRA, it is unlawful for anybody to participate in the publishing of an advertising for a medication that suggests or is intended to encourage the use of the drug for:
- The abolition of female conceiving or the facilitation of miscarriage; alternatively
- The preservation or enhancement of a person’s ability for sexual enjoyment; or
- The treatment of women’s menstruation disorders; or
- The identification, treatment, mitigation, prevention, or cure of any illness, ailment, or condition included in the DMRA schedule.
On February 3, 2020, the Ministry of Health and Family Welfare released a draught amendment to the DMRA with the goals of expanding the list of diseases, disorders, and conditions in the schedule to the DMRA and changing the definition of “advertisement” under the DMRA to specifically include advertisements made over an online or electronic medium.
The Clinical Establishments (Registration and Regulation) Act of 2010
Establishments that meet the criteria for a ‘clinical establishment’ as defined by the Clinical Establishments (Registration and Regulation) Act, 2010 (CE Act), must register with the appropriate government and adhere to the act’s minimal requirements. Except for the NCT of Delhi, all Union Territories, including Arunachal Pradesh, Himachal Pradesh, Mizoram, Sikkim, Bihar, Rajasthan, Uttar Pradesh, Uttarakhand, Jharkhand, Assam, and Haryana, are subject to the Clinical Establishments Act. State clinical establishment laws exist in certain states, including Maharashtra and Karnataka.
Telecom Commercial Communication Customer Preference Regulations of 2018 (TCCP Regulations)
The TCCP Rules and TCCP Regulations forbid sending unsolicited commercial communications by phone or SMS. Only users who have chosen to receive such communications can get promotional messages after registering with an access provider. Sending phone calls or transactional SMS is not prohibited by law, nevertheless. As long as the recipient is a client of the sender, the message is delivered within 30 minutes of the transaction taking place, and it is directly connected to it, a transactional communication is one that is triggered by a transaction carried out by the message’s recipient.
Consumer Protection Act and 2019 and Consumer Protection (E-commerce) Rules and 2020
The Consumer Protection Act, 2019 (CPA) establishes a redressal process and protects consumers’ interests. It places several obligations on retailers and service providers, such as the ban of deceptive advertising and the establishment of a system of product responsibility. The Central Consumer Protection Authority (CCPA) is the CPA’s regulatory authority, which oversees CPA administration and imposes sanctions. In addition, a customer may directly register complaints for CPA breaches through a three-tiered consumer dispute resolution process.
The CPA has also released the Consumer Protection (E-commerce) Regulations, 2020 (E-commerce Rules) to control online advertising, sales, and purchases of goods and services. The Legal Metrology Regulations, 2011, IT Act, and other relevant rules that apply to online sales of goods are also included in the E-Commerce Rules.
Regulatory Framework Regarding Data Protection of Digital Healthcare
The Information Technology Act of 2000, The Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
Information is constantly being exchanged between the patient and the service provider in digital health. According to Rule 3 of the Data Protection Regulations, the patient’s personal information, including medical history and physiological problems, is deemed sensitive personal data or information.
According to Rule 7 of the Data Protection Regulations, prior consent from the owner of the SPDI is required if the SPDI (Sensitive Personal Data or Information) is intended to be revealed to a third party. The body corporate sending the SPDI is responsible for making sure the party receiving the SPDI has appropriate security procedures in place.
In order to keep the SPDI safe, the Data Protection Regulations also require the application of appropriate security policies and procedures. If the body corporate complies with IS/ISO/IEC 27001 on ‘Information Technology- Security Techniques- Information Security Management System- Requirements’ or other comparable standards that have been authorised and announced by the Central Government, this criteria will be met. As of yet, no standards of this nature have been announced. In accordance with Rule 5(9) of the Data Protection Regulations, it is also necessary to select a Grievance Officer, whose contact information must be made public on the website. In addition to this, there are other requirements, such as giving users the option to opt-out or alter their SPDI as needed (under Rule 5(7) of the Data Protection Regulations).
Also, a body corporate may use the safe harbour option offered by Section 79 of the IT Act if it is gathering, storing, and processing health data on behalf of another business.
The Clinical Establishments (Registration and Regulation) Act, 2010, Clinical Establishments Rules, 2012, and Electronic Health Record Standards, 2016
Clinical institutions must keep Electronic Health Records (“EHRs”) in line with standards established by the Central Government, according to the Clinical Establishments Regulations, 2012 (CER), which are published under the CE Act. A universal standard-based framework for EHRs in India has been created with the help of the Electronic Health Record Standards, 2016 (EHR Standards). The EHR requirements will apply to Digital Health Entities that are covered by the CE Act.
Data Protection Bill, 2021
A new data protection law is now being passed. It is the goal of the DPB to have a comprehensive data protection law. It intends to impose restrictions on the gathering and use of both personal and non-personal data (including anonymized and de-identified data). The DPB will regulate the acquisition, storage, processing, and transfers of personal data in India once it is operational and would reinforce the country’s data protection legislation. It applies to all parties interacting with citizen personal data, including the government, domestic and international businesses, and individuals.
Health Data Management Policy of 2020
The ABDM participants’ organisations must comply with the HDM Policy. It serves as the basis for managing the privacy of digital health information for those who have received a Health ID, licenced healthcare providers, and participating organisations under the ABDM. It outlines the minimal level of data privacy protection that must be adhered to in order to be in accordance with all applicable and pertinent laws, rules, and regulations.
Data Security Council of India Privacy Guide for Digital Healthcare (2021)
The Data Security Council of India (“DSCI”) was established by NASSCOM India as a non-profit industrial organisation for data protection in India. The DSCI Sectoral Privacy Project will produce advice materials tailored to certain industries to help firms understand and apply privacy measures. DSCI has created the DSCI Privacy Guide for Healthcare (DSCI Guidance) as a part of this endeavour. Although the Guideline is not legally obligatory, implementing it can help organisations better position themselves to seize new business possibilities and show authorities that they are in compliance.
According to the DSCI Guidelines, personal health data or information includes demographic data, administrative data, health risk information, and health status.
Legal framework regarding IPR
Several cutting-edge products have been created in the digital health sector. In this fiercely competitive environment, protection of these concepts and technologies becomes crucial. With such changes in mind, this section discusses the many types of IP protection that are available.
In India, patents are protected under the Patents Act, 1970. The Trade-Related Aspects of Intellectual Property Rights (TRIPS) and the Patent Act are substantially in compliance, and India, a signatory, has committed to fully adopting and implementing the agreement’s requirements.
An inventive product must meet the three requirements of novelty, non-obviousness, and usefulness in order to be deemed an ‘invention’ under the Patent Act. In addition to fulfilling these conditions, the innovations must not particularly fall under the definition of an ‘invention’ as defined in Sections 3 and 4 of the Patent Act. A “method for the medical or other treatment of human beings and animals” and “a computer programme per se” are among these exclusions.
Every Digital Health application is powered by the software, or computer programme, that operates it. According to Section 3(k) of the Patent Act of 1970, a computer programme “per se” is not a subject of patentability.
In India, copyright is protected under the Copyright Act, 1957. Original works of literature, theatre, music, and art, as well as cinematograph films and sound recordings, can all be protected by copyright. Although it is not necessary to register a copyright since it exists in a work independent of registration, doing so does provide prima facie proof that the right exists.
Software would be considered a “computer programme” under the Copyright Act, and according to section 2(O), computer programmes are considered literary works.
The Designs Act, 2000 (the “Designs Act”) protects industrial designs. Only characteristics of forms, configurations, patterns, ornamentation, or compositions of lines or colours applied to an “item” (the word “article” has been specified under Section 2(A)) are considered to constitute a “design.” The Graphical User Interface (“GUI”) of apps and the design of the devices are the two main elements of digital health that would need design protection. The Designs Act, specifically Article 14-04 of the 2001 Design Regulations, may safeguard GUI.
In India, trade markings are governed and safeguarded under the Trade Marks Act, 1999 (the “TM Act”). Unregistered marks are additionally protected under common law in addition to statutory protection.
The NICE Classification of Products and Services is used in India. A global categorization of products and services used for the registration of trademarks is known as the Nice Classification, which was created by the Nice Agreement (1957).
“Harnessing the power of digital technologies is essential for achieving universal health coverage. Ultimately, digital technologies are not ends in themselves; they are vital tools to promote health, keep the world safe, and serve the vulnerable.” – Dr Tedros Adhanom Ghebreyesus, WHO Director-General
Digital healthcare technology and devices are slowly but surely becoming more and more relevant a potential answer to some of the challenges brought on by the pandemic coronavirus on the global healthcare system. Digital healthcare is the ambulation of genomic and digital interventions in the healthcare ecosystem, to improve the efficacy, delivering healthcare on time with making the medication more precise and tailored for every human. Both hardware and software solutions are part of the digital healthcare system. It can include everything from ingestible sensors to wearable technology, mobile health apps to artificial intelligence, robotic carriers to electronic records, and web-based analysis to sensors for remote monitoring.
In India, the development of digital healthcare has been a fascinating process. The expansion of this significant sector in India has been facilitated by both public and private sector initiatives. Notwithstanding all the difficulties, India has made substantial progress over the past 20 years, and since 2015, more effort has been put into improving healthcare.