National digital health blueprint

Thenal Health Policy 2017 outlines a robust framewr)rk for achieving Health for All through the adoption of the basic principles of accessibility, quality and affordabitity, and by leveraging the power of information and communication technologies to strengthen rhe healthcire delivery systems.

The historic and landmark launch ot Ayushman Bharat Schem€, which is cperational through a robust lT Platform, ensures cashless and paperless services aovering a i)cpulat’cn of 5OO million. Health schemes such as Maternal & Child Health, NIKSHAY and others are arso benefitting the patien15 with the right service delivered at the right trme Ieveraging the technclogical interventions aotly

Digital health rnterventions strengthen outcorrie5 of every health serviae delivery programme in the country. With increased ease of use, acceptance by masses ano adaptation by service providers, digrtal health interventions can be powerful game changers in accelerating the transformaticn cf health agenda and in enhancing the health outcomes of the entire population of the nation.

The integration of various efforts in the ecosystem of digital health is essential for a holisric pursuit of the goals of National Health Policy 2017 and the SDGS relating to health A.ccrdingly, the Government of lndia has initiated efforts for establishing a compreherrsive, ‘.rationwicje integrated Digital Health ecosystem through an architectural framework namely, the National DiBital Health Blueprint (NDH B).

The blueprint is completely aligned with the vision of our Hon’ble Prime Ministr-.r ,f india, ih Narendra Modi Ji, to provide health services to every lndian citizen. The successful implementati,)n of NDHB would immensely benefit all lndians by lowering of out of pocket expenses and elrsurrrig ri”e realization of Universal Health Coverage.

I appreciate the contributron of Sh, i. Satyanarayana and the members of Comnritree for their exceptional work in developing this blueprint. I request atl the stakeholders to impienrent the blueprint and pave the way for transforming lndia into a Digital healthcare economy.

(Dr arsh Vardhan)

orqkq: e+g, g-8d.1, fHq rr{, r{ ffi-ttoott’ ffice: 348, A-Wing, Nirman Bhawan, New Delhi – 110011 Tele: (O) :+91-11-23061661,23063513. Telefax: 23062358′ E’mail: hi

fiqrfl; g, frff qfifr qpf , a”{ ffi-nool’ Residonce: 8, Tees January Marg, New Delhi – 110011 Tele: (R) : +91-11-23794649 . Telefax: 23794640


The National Health Policy 2017 (NHP 2017) envisages the goal of attainment of the highest level of health and well‐being for all at all ages, through increasing access, improving quality and lowering the cost of healthcare delivery. The key principles of NHP 2017 include universality, citizen‐ centricity, quality of care and accountability for performance. The policy lays significant emphasis on leveraging digital technologies for enhancing the efficiency and effectiveness of delivery of all the healthcare services.

While the efforts in deploying technology for healthcare have been continuous and widespread, the benefits have been localized and fragmented. The citizen cannot access his/her health records speedily nor store them conveniently. In the absence of an integrated system, the service providers tend to create isolated medical records enhancing the burden on the citizen significantly. Health service providers in the public and private sectors do not have an aggregated and complete view of the data for providing efficient health services to the citizens. Governments, central and state alike, do not have reliable and complete data for policy analysis and evidence‐based interventions.

The need of the hour is to elevate the existing systems from providing disparate electronic services to integrated digital services. While setting specific goals for the health sector in alignment with SDG’s to be achieved over the next 5 years in vital areas such as life expectancy, IMR, MMR, TFR, immunization, malnutrition and disease control, the NHP 2017 has also prescribed such specific goals for adoption of digital technologies. These include establishing registries for all diseases of public importance and most significantly, ‘establishing Federated National Health Information Architecture, to roll‐out and link systems across public and private health providers at state and national levels and across different healthcare systems like modern medicine and AYUSH systems consistent with Metadata and Data Standards (MDDS) & Electronic Health Record (EHR)’. The policy also envisages leveraging ‘the potential of digital health for 2‐way systemic linkages between primary, secondary and tertiary care to ensure continuity of care’.

Against the above background, the committee constituted by the Health Ministry to create an implementation framework for the National Health Stack (NHS) proposed by NITI Aayog, has come up with the National Digital Health Blueprint, after surveying the global best practices in adoption of digital technologies holistically. The blueprint is not merely an ‘architectural document’. It has specific details of the building blocks required to fulfil the vision of NHP 2017 as also the institutional mechanism and an action plan for realizing digital health in a comprehensive and holistic manner. The key features of the blueprint include a federated architecture, a set of architectural principles, a 5‐layered system of architectural building blocks, Unique Health Identifier (UHID), privacy and consent management, national portability, EHR, applicable standards and regulations, health analytics and above all, multiple access channels like call centres, India Digital Health portal and MyHealth App.

The mandate of the National Digital Health Mission recommended in this report is a balanced combination of designing, developing and realizing certain pure‐play technology building blocks and the essential domain (Health) building blocks.

With a view to leverage the vast amount of knowledge and experience available in the society in this area, the Ministry undertook 2 specific exercises after the committee submitted its draft report. The draft of the NDHB Report was placed in the public domain on 15th July 2019, inviting the members of public, professionals and organizations to give their comments and suggestions by 4th August 2019. In addition, the Ministry conducted a consultation with the stakeholders on 6th August 2019.

The response to the invitation has been overwhelming. Over 300 comments and suggestions have been received from 70 organizations and individuals. The committee has analysed all the comments and suggestions at its 11th meeting held on 5th September 2019 and decided to incorporate all the suggestions found useful in enriching the blueprint.

The major comments and suggestions have been in relation to elaborating and / or bringing clarity in the areas of federated architecture, privacy, consent management, data protection, role of the state governments, involving NGOs, capacity building and change management, and the implementation timelines. There have been numerous suggestions in operational areas, which are relevant and useful during the implementation phase, and may be passed on to the proposed National Digital Health Mission on its constitution.

The report has improved vastly due to the consultation processes, as several of the suggestions have made a qualitative difference to the usability, feasibility and acceptability of the report. The committee gratefully acknowledges the interest shown by the respondents in providing very valuable inputs. The NDHB is to be considered as a living document. There is scope for further improvement over the next few years.

The National Digital Health Blueprint keeps the overall vision of NHP 2017 in perspective and recommends a pragmatic agenda to start with, adopting the principle of ‘Think Big, Start Small, Scale Fast’. It forms the foundation on which the edifice of an entire National Digital Health Eco‐system can be built in a phased manner.

I wish to acknowledge the contribution made by all the members of the Committee and several other experts who have enriched the discussions.

J Satyanarayana (Chairman of the Committee)

EXECUTIVE SUMMARY………………………………………………………………………………………………………. 1

CONTEXT & SCOPE …………………………………………………………………………………………………………….. 5 1.1 The Context…………………………………………………………………………………………………………………….. 5 1.2 Vision……………………………………………………………………………………………………………………………… 7 1.3 Objectives ………………………………………………………………………………………………………………………. 7 1.4 Overview ………………………………………………………………………………………………………………………… 8 1.5 Core Principles ………………………………………………………………………………………………………………… 9

FEDERATED ARCHITECTURE & BUILDING BLOCKS …………………………………………………….. 13 2.1 Introduction ………………………………………………………………………………………………………………….. 13 2.2 Federated Architecture ………………………………………………………………………………………………….. 13

2.2.1 Principles of Federated Architecture……………………………………………………………………………………13

2.2.2 Overview of Federated Architecture ……………………………………………………………………………………13 2.3 Building Blocks – the essence of NDHB…………………………………………………………………………….. 14 2.3.1 Identifying the Building Blocks…………………………………………………………………………………………….15 2.3.2 Federated Architecture (FA) in terms of Building Blocks ………………………………………………………..16 2.4 Building Blocks of National Digital Health Blueprint …………………………………………………………… 16 2.5 Structure of Disease Registries for NCD ……………………………………………………………………………. 27 2.6 Harmonizing Current Facility Registry Initiatives ……………………………………………………………….. 27 2.7 Approach to Unique Health Identifier (UHID)……………………………………………………………………. 28

STANDARDS & REGULATIONS………………………………………………………………………………………… 31 3.1 Objectives of Standards and Regulations………………………………………………………………………….. 31 3.2 Framework & Scope of Standards ……………………………………………………………………………………. 31 3.3 Standard for Consent Management…………………………………………………………………………………. 32 3.4 Standards for Content & Interoperability …………………………………………………………………………. 32 3.5 Standards for Privacy & Security ……………………………………………………………………………………… 35 3.6 Standards for Patient Safety & Data Quality ……………………………………………………………………… 36 3.7 Cost consideration of Standards ……………………………………………………………………………………… 36 3.8 Enablers of NDHB ………………………………………………………………………………………………………….. 36 3.9 Recommended further work on Standards ………………………………………………………………………. 37

INSTITUTIONAL FRAMEWORK ……………………………………………………………………………………….. 39 4.1 Back ground ………………………………………………………………………………………………………………….. 39 4.2 Essential Elements of the National Digital Health Mission (NDHM)……………………………………… 41

4.3 Global Experiences ………………………………………………………………………………………………………… 41 4.4 Indian Scenario: Comparative Analysis of existing Organizations ………………………………………… 42 4.5 Recommended Institutional Framework of NDHM ……………………………………………………………. 42 4.6 Roles and Responsibilities within the Institutional Framework……………………………………………. 44 4.7 Core Digital Services ………………………………………………………………………………………………………. 45 4.8 Leveraging Emerging Technologies ………………………………………………………………………………….. 45 4.9 Critical Role of State/UT Governments: ……………………………………………………………………………. 46 4.10 Financing Model ………………………………………………………………………………………………………….. 46 4.11 Criticality of Capacity Building and Change Management…………………………………………………. 47 4.12 Need for Proof‐of Concept and Sandbox Environment …………………………………………………….. 47 4.13 Recommendations in summary……………………………………………………………………………………………..47

NDHM ACTION PLAN……………………………………………………………………………………………………….. 49 5.1 Purpose ………………………………………………………………………………………………………………………… 49 5.2 Scope……………………………………………………………………………………………………………………………. 49 5.3 Expected Outcomes……………………………………………………………………………………………………….. 50 5.4 Methods & Instruments recommended by NDHB……………………………………………………………… 50 5.5 Suggested 5‐Year Action Plan………………………………………………………………………………………….. 51

Annexure I ……………………………………………………………………………………………………………………………… 53 Annexure II …………………………………………………………………………………………………………………………….. 54 Annexure III ……………………………………………………………………………………………………………………………. 55 Annexure IV……………………………………………………………………………………………………………………………. 56 Annexure V…………………………………………………………………………………………………………………………….. 57 Annexure VI ……………………………………………………………………………………………………………………………. 58 Annexure VII …………………………………………………………………………………………………………………………… 60 Annexure VIII ………………………………………………………………………………………………………………………….. 61





Accredited Social Health Activist Bureau of Indian Standards
Central Bureau of Health Intelligence Centre for Health Informatics Electronic Health Record

Fast Healthcare Interoperability Resources Goods and Services Tax Network
Health Information Exchange
Health Level‐7

Health Management Information System International Classification of Diseases Indian Council of Medical Research Information and communications technology Integrated Disease Surveillance Programme India Enterprise Architecture

Insurance Regulatory and Development Authority Logical Observation Identifiers Names and Codes Maternal & Child Health
Meta Data & Data Standards

National Centre for Disease Control National Digital Health Blueprint National Digital Health Ecosystem National Digital Health Mission National Health Agency

National Health Portal
National Health Resource Repository
National health Stack
National Informatics Centre
National Institute of Health & Family Welfare
National Identification Number
National Programme for Control of Blindness
National Payments Corporation of India
National Securities Depository Limited
Pradhan Mantri Jan Arogya Yojana
Sustainable Development Goals
Systematized Nomenclature of Medicine‐Clinical Terms Unique Health Identifier
Unique Identification Authority of India




The National Health Policy (NHP) 2017 had defined the vision of ‘health and wellbeing for all at all ages’. Continuum of care is a concept strongly advocated by the policy. Citizen‐ centricity, quality of care, better access, universal health coverage, and inclusiveness are some of the key principles on which the NHP is founded. All these aspirations can be realized principally by leveraging the power of the digital technologies. In the Indian context, due to its size and diversity, this mammoth task requires that a holistic, comprehensive and interoperable digital architecture is crafted and adopted by all the stakeholders. In the absence of such architecture, the use of technology in the health sector continues to grow in an uneven manner and in silos.

Eco‐System, not System

In the above context, the Committee constituted by the Ministry of Health and Family Welfare recognized the need for creating a framework for the evolution of a National Digital Health Eco‐system (NDHE) – an Eco‐system and not a System. The result is the National Digital Health Blueprint (NDHB), which in addition to being an architectural vision, also provides specific guidance on its implementation. NDHB recognizes the need to establish a specialized organization, called National Digital Health Mission (NDHM) that can drive the implementation of the Blueprint, and promote and facilitate the evolution of NDHE.

The Blueprint keeps the overall vision of NHP 2017 at its core and recommends commencing with a pragmatic agenda to start with, adopting the principle of ‘Think Big, Start Small, Scale Fast’. To this end, it has been designed as a layered framework, with the vision and a set of principles at the core, surrounded by the other layers relating to digital health infrastructure, digital health data hubs, building blocks, standards and regulations, and an institutional framework for its implementation. The document also contains a High‐ Level Action Plan to put these elements into motion in a time‐bound manner.

The objectives of NDHB are aligned to the Vision of NHP 2017 and the SDG’s relating to the health sector. These include:

a. Establishing and managing the core digital health data and the infrastructure required for its seamless exchange

b. Promoting the adoption of open standards by all the actors in the National Digital Health Ecosystem in the development of multiple digital health systems spanning across the sector from wellness to disease management

c. Creating a system of Electronic Health Records, based on international standards, which are easily accessible to the citizens and service providers based on citizen‐ consent

Page | 1


d. Establishing data ownership pathways so that the patient is the owner of his/her EHR, and health facilities and government entities maintain the data under trust on behalf of patient. The collection as well as the end use of the data shall be through a consent framework. The anonymized data can, however, be used for research purposes if it duly follows the principles so defined. It is the responsibility of the health facility to ensure privacy, security and confidentiality of the data.

e. Following the best principles of cooperative federalism while working with the states and union territories for the realization of the vision

f. Promoting health data analytics and medical research

g. Enhancing the efficiency and effectiveness of governance at all levels

h. Ensuring quality of healthcare

i. Leveraging the information systems already existing in the health sector.


An eco‐system cannot be built – it must evolve. Given this, a set of principles ‐ rather than specifications ‐ have been recommended to enable the evolution of the NDHE. The key principles of the Blueprint include from the domain perspective‐ universal health coverage, inclusiveness, security and privacy by design, education and empowerment of the citizens, and from the technology perspective‐ building blocks, interoperability, a set of registries as single sources of truth, open standards, open APIs and above all, a minimalistic approach.

Building Blocks

In the context of the evolution of a digital ecosystem, building blocks are reusable frameworks or artefacts that most stakeholder groups need to rely upon for designing, developing and delivering their services. Building blocks constitute the core of NDHB. The Blueprint identifies the minimum viable set of building blocks required for the NDHE to evolve and describes their capabilities at a high‐level. It is for the NDHM, as a specialist organization, to work towards the design, development and establishment of these building blocks. Conformance to both the NDHB Principles as well as to the NDHB Standards and Regulations is critical for an efficient design and development of the building blocks.

The Blueprint has identified 35 building blocks. A few of the critical capabilities and the schematic of the NDHE that will be addressed by appropriate combinations of different building blocks are briefly explained below:

1. Identification: Unique identification of persons, facilities, diseases and devices is a key requirement as well as a challenge in the NDHE. The Blueprint handles this requirement through 2 building blocks, viz. Unique Health Identifier (UHID) and the Health Locker. Working in tandem, these two blocks will facilitate the creation and maintenance of both Electronic Health Records and Personal Health Records.

2. Citizen to be in Control: The need for maintaining the confidentiality, security and privacy of the health records cannot be over‐emphasized. These regulatory requirements are

Page | 2


built into the design of NDHE a priori, rather than being retrofitted. The Blueprint achieves these complex and mandatory requirements through a combination of a few building blocks, viz. Consent Manager, Anonymizer and Privacy Operations Centre. Besides these building blocks, application‐specific features and relevant international standards defined in the Blueprint fortify the privacy regime.

3. Service Access/ Delivery: Omni‐channel access/ delivery are an important capability required in the NDHE. This is achieved by a combination of Web (India Health Portal) and mobile (MyHealth App) applications, as well as the call centres and social media platforms. The Unified Communication Centre enables real‐time monitoring and interventions needed in the NDHE. Given the significant reach of smartphones and the potential for further spread of smartphone technologies, the Blueprint emphasizes the ‘mobile first’ principle for delivery of majority of stakeholder‐facing services.

4. Interoperability: The most important contribution of the Blueprint is its advocacy of interoperability, which is a prerequisite for development of integrated digital health services and establishing a continuum of care but also propelling parallel development of innovative value‐added services by entrepreneurs. Two building blocks, namely, the Health Information Exchange and the National Health Informatics Standards enable and promote the interoperability of various building blocks and services built on top of them.

The task of developing of these building blocks is allocated under a federated model with three levels of roles delineated between centre, state and health facilities. Except for the minimum data set needed at the centre and state, the data shall primarily reside at health facility level.

A significant effort requiring high‐level expertise is involved in the preparation of the detailed designs for these building blocks, which have been elaborated in Chapter 2.

Applications & Digital Services

The Application Layer of the Blueprint is merely a placeholder in so far as it identifies the

thematic areas for development and deployment of applications but refrains from listing them exhaustively. Such an approach has been adopted not only because of the large number and variety of applications that exist, but also because applications must evolve progressively in an innovative manner that cannot be defined upfront. It is, however, necessary here to highlight the importance of leveraging some applications in the health sector that have already evolved and matured over the last few years. Taking these legacy applications on board the NDHE requires that each application is rigorously assessed with respect to its conformance to the pre‐defined standards using a set of criteria like those defined by the Digital Service Standard notified by Ministry of Electronics and Information Technology.

Page | 3


The design of NDHB enables and promotes the development of a host of innovative applications and apps by start‐ups and entrepreneurs to provide value‐added services to the citizens and other stakeholders.

The value of the Blueprint can be realized mainly in terms of the impact the digital health services can have for various stakeholder groups. The Blueprint provides an illustrative, but by no means an exhaustive list of digital health services, to indicate the nature of qualitative difference their implementation can make. Needless to say that the portfolio of these services must be validated and updated through a series of consultations with different stakeholder groups.


National Health Informatics Standards form the cornerstones of the NDHB. Ideally, the health sector must align with international standards in a large number of areas. However, the Blueprint has adopted a pragmatic approach and recommended only a minimum viable set of standards, to make it easier for the ecosystem players to adopt them. FHIR Release 4 (in a highly condensed form), SNOMED CT and LOINC are among the standards recommended.

Institutional Framework

A Blueprint is only as good as its implementation. An appropriate implementation framework is suggested in Chapter 4. The establishment of a new entity, the National Digital Health Mission (NDHM), is recommended as a purely government organization with complete functional autonomy while adopting some features of existing National Information Utilities like UIDAI and GSTN. The role and functions of NDHM and an appropriate organizational structure have also been recommended. A high‐level Action Plan for the implementation of NDHB has been shared in Chapter 5.

Page | 4





1.1 The Context

Healthcare has always been central to all development efforts at a national and global level. Government of India envisages the attainment of the highest possible level of health and well‐being for all at all ages as its goal and intends to provide universal access to high quality health care services without the citizens having to face financial hardship as is enunciated in National Health Policy, 2017. The most promising approach adopted by National Health Policy towards this goal is the extensive deployment of digital tools/technology to enhance health system performance. Digital health technology has a huge potential for supporting Universal Health Coverage (UHC) and the government’s commitment to make healthcare affordable, accessible, and equitable.

The Ministry of Health and Family Welfare (MoHFW) has prioritized the utilization of digital health to ensure effective service delivery and citizen empowerment so as to bring significant improvements in public health delivery.

To improve efficiency in health delivery, extend healthcare to rural areas and provide better quality services at low cost, certain eHealth initiatives using ICT (Information and Communication Technologies) were undertaken by MoHFW across the country with the following objectives:

●  To ensure availability of services on wider scale

●  To address the human resource gap by efficient & optimum utilization of the existing
manpower in the health sector

●  To provide healthcare services in remote & inaccessible areas through telemedicine

●  To improve patient safety by access to medical records which also help in reducing
healthcare costs

●  To monitor geographically dispersed tasks for meaningful field level interactions
through effective use of MIS

●  To help in evidence‐based planning and decision making

●  To improve efficiency of imparting training for capacity building

Some of the key ongoing initiatives in digital health being implemented by MoHFW include : Reproductive Child Healthcare (RCH), Integrated Disease Surveillance Program (IDSP), Integrated Health Information System (IHIP), eHospital, e‐Shushrut, Electronic Vaccine Intelligence Network (eVIN), Central Government Health Scheme (CGHS), Integrated Health Information Platform (IHIP), National Health Portal (NHP), National Identification Number (NIN), Online Registration System (ORS), Mera Aspatal (Patient Feedback System), Health Management Information System (HMIS), and National Medical College Network (NMCN). These initiatives are operational at a substantially mature level and are already generating enormous amount of data in the health sector.

Page | 5


Since health is a state subject, states are supported under National Health Mission (NHM) for services like Telemedicine, Tele‐Radiology, Tele‐Oncology, Tele‐Ophthalmology and Hospital Information System (HIS).

The Government of India approved the National Health Policy 2017 (NHP 2017) with the vision of providing universal health care. As a sequel to the NHP 2017, the Union Budget for the fiscal year 2018–19 announced the Ayushman Bharat Yojana, a program designed to address health holistically through a two‐pronged approach

●  To set up 1.5 Lakh Health and Wellness Centres for comprehensive primary healthcare, including preventive and promotive healthcare accessible to all, and

●  A flagship scheme Pradhan Mantri‐Jan Arogya Yojna (PMJAY) to provide healthcare cover to over 10 Crore poor and vulnerable families for up to Rs 5 lakh per family per year for secondary and tertiary care requiring hospitalization.
Through Ayushman Bharat, the Government of India has taken steps to lay the foundation of a 21st century health system. It is expected that the provision of services through public and private sector under Ayushman Bharat will generate enormous amounts of health data, mostly in the digital space. To ensure that cutting‐edge digital technologies are leveraged, it is crucial to focus on creating an appropriate architecture and data structures which are both pan‐India. With the current system of fragmented data capture by multiple stakeholders without any standardization, there is a serious risk of compartmentalization of digital health assets.
The aforesaid challenge also presents us with an opportunity to build a state‐of‐the‐art National Digital Health Eco‐system (NDHE) that can enable us to leapfrog many of the traps that bedevil health information systems even in developed economies.
Towards this end, NITI Aayog had proposed a conceptual framework for creation of a National Health Stack ‐ a set of core building blocks to be “built as a common public good” that helps avoid duplication of efforts and achieve convergence among the IT systems of the diverse stake holders such as the Governments, the Payers, the Providers and the Citizens. Even at the conceptualization stage, it was recognized that the issue of data safety, privacy and confidentiality will be critical for the success of the NHS and consequently, the need has arisen for a mechanism to incorporate these elements ab‐initio into the architecture.
The Ministry of Health & Family Welfare constituted a Committee chaired by Shri J. Satyanarayana, the then Chairman, Unique Identification Authority of India (UIDAI) to create an implementation framework for the proposed National Health Stack. The composition of the committee is shown in Annexure I.
Given the vastness of the Health Domain and the complexities involved in designing architecture for National Digital Health Eco‐system, the committee constituted 4 Sub‐Groups to deal with 4 distinct aspects of the mandate of the committee. These relate to

Page | 6


i. Scope of NDHB, overarching principles and target digital services

ii. Building blocks of NDHB, including Universal Health ID

iii. Standards and regulations, and

iv. Institutional framework

The composition of the Sub‐Groups and terms of reference are given in Annexure II.

Based on the efforts of the 4 Sub‐Groups, the committee prepared the National Digital Health Blueprint (NDHB) as a document that would act as an authoritative reference in guiding all future efforts for creation of NDHE. It is envisaged that the Blueprint will shape the path for a digitally inclusive healthcare system to be established in our country. The nomenclature of “National Digital Health Blueprint” is considered more appropriate as the document is a balanced combination of architectural principles, building blocks and an implementation framework as well, which together, provide an immediate setting for action in multiple dimensions and at multiple levels.

1.2 Vision

To complement the overall vision of government to create an enabling digital health ecosystem and prioritization of digital health by government as enunciated in the national level programs, the following vision statement is recommended to be adopted for National Digital Health Blueprint:

The vision of NDHM encapsulates the goals of NHP 2017 and aims to leapfrog to the digital age by providing a wide range of digital health services.

1.3 Objectives

The following specific objectives need to be achieved if the Vision of NDHM is to be realized:

a. To establish state‐of‐the‐art digital health systems, for managing the core digital health data, and the infrastructure required for its seamless exchange

b. To establish national and regional registries to create single source of truth in respect of clinical establishments, healthcare professionals, health workers and pharmacies

c. To enforce adoption of open standards by all the actors in the National Digital Health

d. To create a system of Electronic Health Records based on international standards,
easily accessible to the citizens and to the healthcare professionals and services providers, based on citizen‐consent

“To create a National Digital Health Eco‐system that supports Universal Health Coverage in an efficient, accessible, inclusive, affordable, timely and safe manner, through provision of a wide‐range of data, information and infrastructure services, duly leveraging open, interoperable, standards‐based digital systems, and ensuring the security, confidentiality and privacy of health‐related personal information.”

Page | 7


e. To promote development of enterprise‐class health application systems with a special focus on addressing the Sustainable Development Goals related to the health sector

f. To adopt the best principles of cooperative federalism while working with the states and union territories for the realization of the vision

g. To ensure that the healthcare institutions and professionals in the private sector participate actively in the building of the NDHE, through a combination of prescription and incentivization

h. To ensure national portability in the provision of health services

i. To promote the use of Clinical Decision Support (CDS) Systems by health professionals
and practitioners

j. To promote a better management of the health sector leveraging health data
analytics and medical research

k. To provide for enhancing the efficiency and effectiveness of governance at all levels
through digital tools in the area of performance management

l. To support effective steps being taken for ensuring quality of healthcare

m. To leverage the information systems existing in the health sector, by ensuring that
they conform to the defined standards and integrate with the proposed NDHE

1.4 Overview

The National Digital Health Eco‐system is large, complex, heterogeneous, sensitive and critical at the same time. Evolution of such an eco‐system can and should happen by a combination of two distinct approaches, namely, establishment/ creation of core information systems on a minimalist basis, and promotion of a set of principles and standards to be adopted by all the eco‐system players. The Blueprint adopts this twin approach precisely.

The NDHB has been conceptualized as a layered structure depicted in Figure 1.1 and described later.

a. At the core of the Blueprint are its Vision and a set of Principles that should guide all the eco‐system players. While the vision has already been stated in Section 1.2 and supplemented by the objectives in Section 1.3, the Blueprint principles are enumerated in the following Section.

b. A federated architecture and its building blocks are defined in Chapter 2. While the core building blocks will be established centrally by NDHB, the remaining would have to be created in an interoperable manner by the eco‐system players.

c. Chapter 3 defines the minimum set of standards to be adopted by all the eco‐system players. It also touches upon the regulations to be enforced in the health domain.

d. The applications and services layers are substantially in the realm of the providers of healthcare services, Wellness Services and Support Services. However, it shall be the endeavour of the NDHB to design, develop and put in place certain Core and Reusable applications and services, which are commonly used across the country and across the health domain.

Page | 8


Figure 1.1 Layered Structures

e. Chapter 4 recommends an institutional framework appropriate for facilitating the establishment of the National Digital Health Eco‐system in terms of all the components.

f. Chapter 5 provides a high‐level action plan that envisages implementing the NDHB over 5 years.

g. It may be noted that each of the layers has components that fall under both the areas, namely health domain and pure‐play technology.

1.5 Core Principles

As alluded to earlier, an eco‐system cannot be built, nor can it evolve on a prescriptive approach. Hence the Blueprint proposes to be evolved on the basis of a set of commonly believed principles, which again, pertain to the business (i.e. the Health Domain) and to technology. The governments, central and state, must play the role of facilitators, enablers and advocates of these principles to speed up the evolution of the National Digital Health Eco‐system.

While identifying and defining the principles, the following core requirements and architectural priorities have been kept in view:

a. Unique and Reliable Identification of persons, relations, professionals, providers, facilities, and payers across the whole eco‐system.

b. Trustworthiness of the information created by the entities in the eco‐system

c. Capability for creation of a longitudinal health record for every individual from information held in diverse systems

Page | 9


d. Managing the consents for collection and/or use of personal/ health data, to ensure privacy and confidentiality, in conformance to the laws of the land.

e. Adopting and aligning with IndEA principles, given the enterprise nature of NDHE.

The Principles of NDHB are stated and briefly explained Table 1.1 and shown as a bird‐eye view in Figure 1.2.

Business Principles (Health Domain Principles)

B1. Wellness‐centric and wellness‐driven.

Special focus will be laid on the building blocks and applications relating to Health Education, awareness, screening, early detection and AYUSH. Wellness centres and mobile screening teams will be strengthened through access to real‐time Electronic Health Records. Citizens will be encouraged to follow a well‐designed referral system.

B2. Educate and empower citizens to avail a wide range of health and wellness services

Mass awareness and education will be promoted through use of appropriate a MEDucation Platform and a portfolio of Health Apps targeting citizens of different age‐groups and access to toll‐free medical advice. Personalization and localization will facilitate higher uptake of the education and awareness services.

B3. Design to be inclusive.

Specialized systems will be designed to reach out to the “unconnected”, digitally illiterate, remote, hilly and tribal areas. Telemedicine will focus on reaching out to such groups to provide them with services of experts.

B4. Ensure security and privacy by design.

A National Policy on Security of Health Systems and Privacy of Personal Health Records will be developed. All the building blocks that require handling personal health records will be designed to comply with such policy ab‐initio.

B5. Design to measure performance and display accountability of all providers of service.

Real‐time monitoring of the Service Levels and health sector KPIs will be the key driver to measure and publish performance of all health institutions and professionals. Real‐time dashboards, data analytics and visualization tools will support the Performance Management.

B6. National footprint that enables seamless portability across the country.

Personal Health Identifier with its supporting blocks, including adoption of Health Information Standards will play a pivotal role in the national portability. A system of incentives will be put in place for early adoption.

Page | 10


B7. Builtbasingontheprinciple,“ThinkBig,StartSmall,ScaleFast”

While the “Big Picture” of NDHB will be comprehensive containing all the building blocks required to fulfil the Vision, NDHB will adopt a combination of strategies like taking a minimalistic approach for designing each block, prioritizing and sequencing of the development/ launch of the building blocks, and designing a technology architecture that can scale horizontally and vertically.

Technology Principles

T1. Adopt India Enterprise Architecture Framework (IndEA)

The artefacts prescribed by the IndEA Standard will be prioritized and sequenced. The design of the building blocks of NDHB will adopt and conform to IndEA by default. Other national and international standards will be adopted in areas not covered by IndEA.

NDHB may, when appropriate, adopt the Agile IndEA Framework, which combines the Vision of IndEA with the speed of agile methodologies of development.

T2. Conform to open standards, be interoperable and based on Open Source Software products and open source development

The policy of MeitY on open standards and open source software shall be adopted in designing of the building blocks of the Blueprint and in all procurements relating to its implementation. Interoperability will be inherent to all the building blocks.

T3. Federated Architecture shall be adopted

Only the identified core building blocks will be developed and maintained centrally. All other building blocks shall be designed to be operated in a federated model that factors regional, state‐level and institution‐level platforms and systems to function independently but in an interoperable manner.

T4. Open API‐based Ecosystem

All the building blocks will be architected adopting the Open API Policy notified by MeitY. Security and Privacy will be built into the design and development of the APIs, which should be audited for security and privacy before deployment.

T5. All major legacy systems shall be assessed for conformance to principles and leveraged to the extent feasible.

Compliance of legacy systems to the Blueprint principles and IndEA principles will be assessed through an appropriately designed Assessment Tool. Only those legacy systems that cross the bar will be allowed to operate within the eco‐system.

T6. All the components, building blocks, registries and artefacts shall be designed adopting a minimalistic approach.

Easy, early and collective adoption of the Blueprint by majority shall be critical to its success. Hence every component of the Blueprint shall be designed to be minimalistic.

Page | 11


T7. All the registries, data hubs and other master databases shall be built as Single Source of Truth and System of Record on different aspects and backed by strong data governance.

Rigid validations shall be applied to all mandatory ‘fields’, clear ownership and responsibilities shall be defined for all core databases and strong, dedicated data governance structures shall be established at the state and central levels.

Table 1.1 Principles of NDHB

Figure 1.2 Bird’s eye view of the NDHB Principles

Page | 12





2.1 Introduction

Digital technologies are playing a pervasive role in the delivery of healthcare today. The National Digital Health Blueprint (NDHB) provides an approach to establish a Federated Architecture, defined in terms of its Building Blocks. The federated architecture seeks to enable the health ecosystem by streamlining information flows across players in the ecosystem while keeping citizens, their privacy and confidentiality of data at the forefront. A good design can help accelerate the adoption and improve delivery of health services across both the public and private sectors. NDHB identifies key building blocks by looking at the most common requirements of the overall health ecosystem

2.2 Federated Architecture

Federated architecture (FA) is a pattern in enterprise architecture that allows interoperability and information sharing between semi‐autonomous de‐centrally organized entities, information technology systems and applications. In terms of the Technology Principle T3, specified in Table 1.1, NDHB is required to be designed using the principles of Federated Architecture. The purpose of using the Federated Architectural pattern in NDHB is essential for enhancing the security and privacy of the personal and sensitive information of the citizens while ensuring interoperability and technological flexibility and independence. Such an architectural pattern is also ideally suited to the conditions prevalent in a federal set up like India and includes both public and private health facilities and institutions.

2.2.1 Principles

The federated architecture presented in this Chapter is based on a set of principles. It is not prescriptive, but illustrative. The following principles are recommended for the detailed design of the federated architecture and its components:

a. All digital health data and applications are held at 3 levels – National, State and Facility levels, in a decentralized manner, following the principle of minimality at each level

b. Patient data is held at the Point of Care or at the closest possible physical location

c. Citizen shall be in full control of the ‘processing of health data’ relating to him/ her

d. Systems of Record (SoR) shall hold the primary data and all other IT systems, applications or entities will have access to it only through links, subject to the applicable permissions and consent.

e. Large facilities and government health departments shall be data fiduciaries. Small facilities which do not have the capacity/ infrastructure can take the services of licensed health data repositories, who will perform the role of data processors.

Page | 13


f. The data fiduciary managing the data and the data processor holding and processing the same shall be responsible for the data protection obligations and compliances under the applicable laws.

g. An indicative set of principles for governance of the federated architecture are given in Annexure VIII.

2.2.2 Overview

The Figure 2.1 provides a high‐level view of the federated architecture of NDHB.


Figure 2.1 Overview of the Federated Architecture of NDHB

The following are the salient features of the architecture:

a. The architecture is laid out at 3 Levels – National, State/UT/ Regional and Facility Levels.

b. Each level has the systems designed in 4 Layers, each layer consisting of a set of building blocks of a particular type, namely, Infrastructure, Data, Technology and Application building blocks.

c. The building blocks at each layer and across the 4 layers and 3 levels are loosely coupled on a ‘Need‐to‐Connect’ basis, using standardized API’s.

Page | 14


d. The granular details of each level and layer and a description of the building blocks along with broad functionalities is provided in Section 2.3.

e. The principle of minimality is applied at each level and layer and in the design of the building blocks.

f. To ensure data consistency, interoperability and national portability, only the minimum required number of building blocks are designed, developed, held and managed centrally.

g. Health records of a citizen are not held at the national level.

h. Only the indexes, pointers or links to the health records are maintained at the state level.

2.3 Building Blocks – the essence of NDHB

In architectural parlance, a building block is a package of functionality defined to meet business needs. Building blocks have to operate with other building blocks. A good choice of building blocks will facilitate legacy system integration, improved interoperability, and flexibility in the creation of new systems and applications. Wherever interoperability is required, it is important that the interfaces to a building block are published and are reasonably stable. A building block is intentionally designed to be cross‐functional, allowing for its generic functionality to be applied in different contexts.

2.3.1 Identifying the Building Blocks

Each building block must have the following characteristics:

  Provide a standalone, useful, reusable and implementable capability in the health domain

  Cross‐functional across the value chain by design

  Applicabletomultipleusecasesinhealthcare

  Interoperablewithotherbuildingblocks

  Use shared digital infrastructure (to the extent feasible)

  Standards‐based and

  Designedforscale
Each building block must have a clear ‘Business Owner’ and ‘Technology Owner’. The business owner is responsible for defining the rules and policies essential to effectively manage the building block. The technology owner would be responsible for managing the business requirements and technical implementation of these requirements efficiently.
Building blocks once identified shall be implemented using workflow‐based modules and must interface with other building blocks using open APIs. The building block of Unique Health Identifier (UHID) will be centre‐piece for integration with all the other components of health ecosystem and for maintaining the Electronic Health Record (EHR).
Identification of new blocks is an ongoing activity and more blocks would come up over time.

Page | 15


2.3.2 Federated Architecture (FA) in terms of Building Blocks

The recommended set of essential and minimal building blocks under the Federated Architecture (FA) of NDHB are represented in Figure 2.2. The salient features of the detailed architecture of NDHB are given below:

a. The federated architecture is indicative. It can be modified, enhanced and evolved with time.

b. The federated architecture is modular in nature. The combination of modules necessary at each level / setting will be decided while designing the information systems.

c. All the blocks and designs shall conform to the minimum set of standards specified in Chapter 3.

d. The Building Block of ‘Common Application’ shown in the Application Layer at the national level in Figure 2.2 indicates the intention to publish the code of a few most commonly used applications, designed and developed as reusable, multi‐tenant, open‐ source and standards‐compliant applications, placed in an Application Store. Registered users can download the applications, customize / configure them and deploy them in their environments.

e. Anonymization and Consent Management are best done at the point of care. However, two building blocks, ‘Anonymizer‐as‐a‐Service’ and ‘Consent Management‐ as‐a‐Service’ are provided in the state layer, so as to take care of these requirements in the cases of inter‐facility transfers. This also addresses the needs of individual practitioners and small clinical establishments that cannot afford and/or manage these components on their own.

f. All the building blocks relating to data at all levels are marked as “SOR”, to indicate that they are the ‘System of Record’. All the technology requirements and specifications of SOR shall be supported by these building blocks. It may be observed that each health data type (including master and transaction data) is maintained at one level only, to ensure uniqueness and consistency. For instance, while Electronic Medical Record (EMR) relating to an episode or a set of episodes relating to a patient, is maintained at the facility level, the EHR (Electronic Health Record) is a longitudinal record of a particular patient across several facilities and is maintained as a collection of links to the primary data (EMRs). Only the systems for allocation and management of UHID are maintained centrally at the national level. Health records relating to individuals (EMR/EHR) are not kept or maintained at the national level.

g. A repository of standards, APIs, metadata and data dictionaries is maintained at the national level. All entities (especially the architects, system analysts and developers) may source (download) their requirements from this repository.

h. A few of the building blocks are represented at multiple levels, to meet the varying requirements

Page | 16


Figure 2.2 Federated Architecture of NDHB (with Building Blocks)

Page | 17


2.4 Building Blocks of National Digital Health Blueprint

Based on detailed studies of the existing health systems and discussions with stakeholders, the 35 key building blocks have been identified across the 3‐Level/4‐layered architecture of NDHB. These have been represented in Figure 2.3. It may be noted that Figure 2.3 is a ‘2‐ dimensional representation’ of the major building blocks, abstracted from the ‘3‐dimensional representation’ presented in Figure 2.3. It should not be construed from Figure 2.3 that all the building blocks would be maintained centrally at the national level.

Figure 2.3 Building Blocks of NDHB

The important building blocks are explained in the remaining part of this section:

i. Infrastructure(Layer‐1)

Privacy by design being a key principle of the National Digital Health Blueprint, which requires an Infrastructure layer to be established for management of the key data services in a compliant manner. The objective of the infrastructure layer is to ensure that

Page | 18


health data and its traversal are always secure and adheres to all privacy requirements. The government community cloud infrastructure, as defined by MeitY, should be adopted for hosting of data building blocks in Level 1 (National) and Level 2 (State). A hybrid cloud environment is recommended for other levels and layers.

Secure Health Networks

Blueprint should be built to work on public networks by default. Wherever access to sensitive or aggregated data is involved, secure connectivity may be used. For specific applications like Tele‐health, Tele‐radiology that require strong data links to systems like PACS low latency, high bandwidth network systems may be specially designed.

Health‐Cloud (H‐Cloud)

The Health‐Cloud builds on the MeitY initiative of Government Community Cloud (GCC) with stronger security and privacy policies and infrastructure. Key data hub management services of the Blueprint must be deployed on the H‐Cloud.

Security and Privacy Operations Centre (SOC)

All events on the Health‐Cloud and the Health Network need to be under 24×7 security surveillance ensuring every data byte is highly secure. This is achieved through a Security Operations Centre (SOC). The Committee recommends the establishment of a dedicated Privacy Operations Centre (POC) to help drive compliance on the privacy requirements, adherence to which is a must in the health sector. The POC will monitor all access to private data, review consent artefacts, audit services for privacy compliance, evangelize the privacy principles on which the Blueprint is being built and bring trust and strategic control in the usage of health data in the ecosystem.

ii. DataHubs(Layer‐2)

Data Hubs provide the fundamental building blocks that manage the key entities and standardized master data required for any health ecosystem transaction. This layer also identifies the minimum and critical transactional data blocks required for successful implementation of the other building blocks. The most important data hubs are those relating to unique identification of persons, facilities and organizations. The following types of entities need to be identified uniquely through a rationalized system of identification:

▪  Person – Patient, Family Member, Beneficiary

▪  Care Professional – Doctors, Nurses, Lab technicians, ASHA workers

▪  Care Provider – Hospital, Clinic, Diagnostic Centre

▪  Payer – Insurer, Health Plan, Charity

Page | 19


▪  Governing Bodies – Ministry, Professional bodies, Regulator

▪  Research Bodies – Researcher, Statistician, Analyst

▪  Pharmaceuticals – Drug, Device Manufacturers and Supply Chain players
The recommendations in respect of identification of the major entities are given in the following sub‐sections.
a) UniqueHealthIdentifier(UHID)
It is important to standardize the process of identification of an individual at any point providing healthcare. This is the only way to ensure medical records created are issued to the correct individual or to obtain consented access. In order to issue the UHID, the system must collect certain basic details including demographic and location, family/relationship, and contact details. Ability to update contact information easily is the key. The relevant FHIR specifications for recording personal details must be followed.
b) ElectronicHealthRecord(EHR)
The National Health Policy, 2017 (NHP, 2017) seeks to move everyone towards wellness in a comprehensive and integrated way. The proposed EHR complies with the principles of NHP‐2017 and NDHB to generate and aggregate health records for a person and puts the information in the control of the individual who only can authorize sharing episodic medical records with other health providers as per consent framework.
While there are several approaches to implementing an EHR system, keeping in line with the principles of NDHB, a federated system with multiple market players working on a national interoperable standard for sharing of health data is preferred. Health care providers are expected to identify the individual (through UHID) and insert a medical record into the person’s EHR after providing care. The content in the EHR will need to allow for change, from basic content with very little metadata to a strongly structured content that meets the standards specified in Chapter 3. Initially the EHR may capture, data relating to significant medical and health conditions, episodes and events to be identified and notified. The scope of EHR can be expanded in a phased manner to include other health conditions. Annexure V specifically highlights mistakes to be avoided in designing EHR.
The design of the Digi Locker system, which has multiple issuers and users who can exchange data with consent and strong non‐repudiation methods, should be adopted with appropriate modifications and enhancements for creation of EHR.

c) Health Directories and Health Registries

Health Directories play a key role in the health ecosystem as they hold the master data of various entities. Directories must be built with strong ownership and governance mechanism and must adhere to the principle of being the “single source of truth”. Directories must be designed to be easily accessible and usable by multiple users. Directories related to professionals must enable Identity and Access Management (IAM)

for health applications that adopt the blueprint. Health applications must be able to verify

Page | 20


the identity of a doctor using the registries, allow them access to records that they have been authorized for.

Health registries hold information about individuals, usually focused around a specific disease or condition. Some registries seek and hold information about volunteers who want to participate and contribute to a health cause, such as eye/ blood/ organ donation. Section 2.4 provides a recommended structure for health registries of the first type. A more structured, standards‐based approach is required to derive the best benefits of health registries – ongoing and new. Table 2.1 shows the key health directories to be established in the first phase of the NDHB.


Facilities Directory

The Facility Directory will consist of one record and a unique identifier for each Health facility in the country – Hospitals, Clinics, Diagnostic centres, Pharmacies etc.

Doctors Directory

The Doctor directory will consist of one record for each doctor who has registered with the medical council after completion of their education. The directory must be designed to be kept up‐to‐date as doctors gain skills via fellowships and map them to the facilities they are associated with.

Nurses & Paramedical Directory

The Nurses directory will essentially include the medical support staff including Nurses, ANMs etc. and will also consist of one record for each paramedical staff that is awarded a certification by the Paramedical board, Ophthalmic Technicians, Operation Theatre technicians, etc.

Health Workers Directory

This directory will consist of Health Workers like ASHA who act as the extended work force enabling door to door healthcare related services

Allied Professionals Directory

This directory contains the other key roles in the healthcare industry including Masters in Hospital Administration, Health IT, Disease Coders, Pradhan Mantri Arogya Mitras, etc.

Table 2.1 Key Directories to be established in the first phase of the NDHB


Health Masters/ Health Data Dictionary

There are several master data requirements in healthcare including names of drugs, diseases, lab tests, procedures, etc. The content and interoperability section in Chapter 3 outlines the various standards / code sets which need to be adopted. The Blueprint must enable easy access to developers to incorporate master data into their applications.

iii. Technology Building Blocks (Layer ‐3)

Operationalization of the master data directories provides standardized operating data for enabling a health transaction. The Blueprint defines several technology building blocks at the 3 levels. Amongst these, six key building blocks relate to data access management,

Page | 21


consent and privacy, which need to be adhered to by all implementation agencies. These are described in Table 2.2.


“Anonymization” with respect to personal data, means the irreversible process of transforming or converting personal data to a form in which a data principal (owner/ citizen) cannot be identified. For the purposes of this report, the term Anonymization has been used in a broader sense to include the related concepts like de‐identification and encryption.

The Anonymizer takes data from the Health Locker and/or other health data sets, removes all personally identifiable information to protect privacy and provides the anonymized data to the seeker. Tools available can anonymize both structured and un‐structured data. At the same time, Anonymizer systems allow the Government or authorized agencies to access the health records of the citizens in critical cases like monitoring of notified diseases etc. This enables the government to take effective decisions to promote wellness in the country and to ensure that healthcare is provided in a timely fashion, as needed.

There are 2 levels of delinking the personally identifiable information from the related health record(s), namely, de‐identification and anonymization. De‐ identification process is reversible, whereby re‐identification by the competent authority is possible for specified purposes. Anonymization, on the other hand, is a one‐way process, whereby the data once anonymized, cannot be related to any person subsequently. It is necessary to identify the use cases for these 2 processes, depending upon the degree of privacy required.

Though combined as a single building block, Anonymizer shall have all the capabilities required, namely, anonymization, De‐identification and re‐ identification including encryption and decryption as needed.

Ideally, data is anonymized at the primary source of its capture and retention, mostly at the facility level, so as to minimize its leakage while in transit. However, not all facilities may have the infrastructure and capacity to handle the task efficiently. NDHB, therefore, proposes an additional building block, namely, Anonymizer‐as‐a‐Service, positioned at the intermediate (state) layer which will define the principles of anonymization.

The NDHM will facilitate the anonymization of data through appropriate software, utilities, hardware etc. ensuring conformance to the aforesaid principles.

Consent Manager

Health records are personal for an individual and every access to each record requires explicit consent of the individual (data principal). The electronic consent framework specifications notified by MeitY should be used in all aspects relating to the information processing requirements. The goal of the Consent Management Framework and the Consent Manager should be to ensure that the citizen/ patient as the data principal, is in complete control of what data is collected, and how/with whom it is shared and for what purpose, and how it is processed. The framework should apply not only to the data

Page | 22


collected at each touch point and each encounter but to the data relating to the entire Electronic Health Record, both longitudinal (over a period of time) and vertical (relating to an episode).

The IT systems envisaged under the NDHB shall be designed and the existing IT systems enhanced suitably to meet the requirements specified in the Data Protection Bill, in addition to the provisions of IT Act 2000 and the Aadhaar Act 2016 and the rules and regulations notified thereunder. Such a course of action would ensure that the systems are compliant to the existing regulatory provisions, as well as potential future requirements.

The Privacy Operations Centre, envisaged as an independent building block that draws its inputs from the various consent management systems, shall play a proactive role in monitoring privacy, consent and access of health data so as to predict and prevent breaches and to notify the concerned data principals and entities in the event of a suspected breach.

A combination of data protection techniques like anonymization, de‐ identification, encryption and strong responsibilities on the data fiduciaries and data processors in addition to consent manager is recommended, as no single technique could take care of all eventualities.

Consent shall be obtained at the primary source of its capture and retention, mostly at the facility level, before collection of data and before its processing and /or sharing. However, not all facilities may have the infrastructure and capacity to handle this task efficiently. NDHB, therefore, proposes an additional building block, namely, Consent Management‐as‐a‐Service, positioned at the Intermediate (State) Layer which will define the principles of Consent management.

The NDHM will facilitate implementation of consent framework through appropriate software, utilities, hardware etc. ensuring conformance to the aforesaid principles.

Health Locker

The Health Locker is a standards‐based interoperability specification that can be implemented by multiple players to enable the creation of an Electronic Health Record ecosystem. When a medical record needs to be issued, only a reference link is shared with the locker ecosystem. Small clinics / hospitals are expected to subscribe to the authorized repository providers who can integrate with the Health Locker to be able to participate in this ecosystem. The health lockers enable creation of a longitudinal health record from the various links it stores and provide the EHR to the providers who need the same. The EHR is created only after consent is sought from the user. The design will factor uptime, network, storage and security considerations.

The Health Locker system should enable processing the requests for correction of health data and also for the citizen to exercise his/her ‘right

Page | 23


to be forgotten’, i.e. the right to restrict or prevent continuing disclosure of personal data by a data fiduciary related to the data principal where such disclosure (a) has served the purpose for which it was made and is no longer necessary; or (b) was made on the basis of a consent which has since been withdrawn.

Health Information Exchange

All actors in the health ecosystem would in some way or the other be generating or accessing health information, using one or more access applications. The exchange of information needs to be enabled as real‐ time data exchange by implementation of Open APIs and other data exchange mechanisms. From a flow perspective, each access application, to submit or retrieve/ access any information from/ via the Blueprint, needs to be registered with the Health Information Exchange (HIE). The HIE would be responsible for authentication and authorization of all data exchange requests and, if authorized, for routing the request to the providing applications. The design of this component should support implementation of multi‐channel solutions by participating applications, to ensure cross channel capabilities and a seamless user experience and for enabling an open market ecosystem.

Health Analytics

This building block has the objective of providing decision support to the stakeholders on a wide variety of themes, by analysing the aggregated datasets. The Blueprint design must ensure that analytics data is created / collected at source when the medical record is being prepared to be issued to the EHR. Analytics data can be aggregated using either a subscription model or a push model where the data is sent mandatorily to one or more government‐controlled analytics systems. Policies for access to the aggregated health data need to be setup. Figure 2.3 indicates that health analytics component should be available both at the national and state levels.

While the building block of health analytics can have very large scope in terms of the number and nature of themes for analysis, the following initial set of themes is recommended with the corresponding benefits, as shown below:



  Quality of Infrastructure

  Quality of treatment

  Effectiveness of follow up

  Hospital‐acquired Infections

Decision Support Goal(s) (Illustrative)


Quality of Care

  Accuracy of Data

  Completeness of Data

  Appropriateness of Data

  Conformance to Standards


Quality of Data


Page | 24


  Need for Screening

  Early Detection

  Preventive Interventions



  Targeted Interventions in NCD’s

  Identification of endemic areas

  Identification of endemic groups

  Disease Surveillance


Public Health

  Fraud Classification

  Fraud Detection

  Fraud Prevention through systemic improvements


Fraud Detection

 Policy Formulation Support




GIS/ Visualization

This building block provides GIS / Visualization services that can be used by the application layer to answer queries such as finding the nearest hospital with a required specialty? Or plotting of disease incidence in a geographic area etc. The building block must take data sets from the health analytics system and produce outputs that can be consumed by the application layers. The GIS services will help in regional/state level planning and monitoring of health services.

Table 2.2 Technology Building Blocks


iv. Application Building Blocks (Layer ‐4)

The three layers described earlier are expected to provide open APIs that can be used by a wide variety of applications across the health sector – both by public and private providers. Applications across emergency care, healthcare, wellness, medical education and public health are expected to benefit from the National Digital Health Blueprint. Several existing applications need to be modified to comply with the National Digital Health Blueprint. These include:

Government Managed Health Applications

e.g.: Reproductive and Child Health (RCH), NIKSHAY (Online TB Patients monitoring application), e‐Raktkosh, Health Management Information System (HMIS), National Programme for Control of Blindness (NPCB), Ayushman Bharat, Hospital Information System (HIS), Integrated Disease Surveillance Program (IDSP) etc. Telemedicine should be given a high priority given the low Doctor‐Population ratio, especially in the rural areas.

The Ministry of Health and Family Welfare, with the support of WHO, had launched one of the world’s largest web‐enabled, near real‐time electronic information system – the Integrated Health Information Platform (IHIP). IHIP provides for public health surveillance for 33 major outbreak‐prone diseases (IDSP), malaria and Health Management Information System.

Page | 25


Private Sector Health Applications
e.g.: Hospital Management System applications, claims applications etc. being currently used by service providers. Open Source Products may be promoted for the sharing of real‐time patient data among the members of the medical/ surgical/ nursing teams,

especially to ensure timely interventions in tertiary care.

New applications in the healthcare ecosystem will benefit from adoption of the Blueprint as it will speed up development and ensure interoperability at a national level. Given that the eco‐system should be designed to move from healthcare to wellness, specialized applications shall be developed in the areas of Screening (especially of students and women), early detection and referrals.

v. Access & Delivery (Layer ‐5)

Since Healthcare and Wellness related services are primarily contact driven, in addition to the blocks requiring specific IT intervention, the Blueprint also identifies the varied access and service delivery points that need to be the physical/ virtual points of access for the actors of the ecosystem. These are shown in Table 2.3.


Call Centre(s)

Provide telephonic support to all actors of the ecosystem, principally the citizens.

India Health Portal

A multi‐lingual national portal enabling access to digital health services and data

Social Media

For emergency management, health awareness / education and community‐based services like Blood/ Organ Donations.

MyHealth Apps

A wide range of Apps can be built by open market, including Start‐ups and existing Health IT companies of all scales besides Government organizations. The end user thus has the choice of selecting the app that suits their needs best.

Table 2.3 Access &Service Delivery Points

Given the prospects of a near universal coverage of all families in the country with smart phones, all the digital services are to be designed to be delivered through smart phones adopting the Mobile First principle.

The Smart Phones should the preferred medium / channel for dissemination of appropriate content, information, alerts and updates to the large force of health workers, predominantly, the ASHA workers, given that a significant thrust has to be given to the MCH and NCD programs and related field activities. Smart phones can also be the preferred channel for online education of citizens and the field force.

Specific efforts shall be made to launch voice‐based services using appropriate tools customized to work in spoken Indian Languages, in collaboration with the OEMs.

Page | 26


In addition to the above 5 horizontal layers, the Blueprint also identify the following two vertical layers cutting across all the horizontal layers:

vi. NationalHealthStandards

Governance, strategic control, data security, privacy and compliance to standards would be one of the key verticals that cut across all building blocks of the Blueprint. Chapter 3 specifies the various standards to be adopted in these areas.

vii. UnifiedHealthCommunicationCentre

The goal of the Unified Health Communication Centre is to provide a single point of contact to manage public health emergencies. The UHCC consists of a response team and also has the ability to constantly monitor disease surveillance and outbreak response. The large amounts of health data coming into the NDHB should be used to monitor for various diseases working closely with the existing programs of MoHFW and the states. The UHCC consuming information from all other components (internal as well as external), will run analytics on that information and generate alerts and visualizations as required. It shall also deploy artificial intelligence and machine learning technologies.

2.5 Structure of Disease Registries for NCD

Registries can provide healthcare professionals and researchers with first‐hand information about people with certain diseases, both individually and as a group, and it can increase our understanding of the disease over time.

Broadly, disease registries are based on information gathered during community screening and in the hospitals. Screening‐based registries are concerned with recording information about diseases for population at large for different age groups based on well‐defined parameters and invoke referrals. Hospital‐based registries are concerned with recording of information on the patients seen in a particular hospital.

National Cancer Registry being maintained by ICMR and the other disease registries currently maintained in India are not interoperable and not integrated with Hospital Management Information System (HMIS). Disease registries need to be standardized following the NDHB to make them integrated and interoperable. Table 2.4 depicts generic structure of recommended registries.


refers to type of registry viz. community screening or hospital based


refers to the purpose of maintaining the registry


refers to the number and complexity of data points, the frequency of data collection, and the enrolment of investigators and patients

Person Identifier

includes all parameters given under Unique Health Identifier (UHID)

Family Identifier

includes detailed information about family members from UHID

Page | 27



Locational Parameters

includes location to which patient belongs, facility where person has been screened and/or referred to

Screening Parameters

include the disease specific parameters to be recorded



defines the pointers to diagnosis, referrals, treatment, education, adherence to using Electronic Health Record (EHR)

Table 2.4 Generic Structure of Registries


2.6 Harmonizing Current Facility Registry Initiatives

There is a strong need to uniquely identify health facilities and ensure that any health data is correctly tagged with the facility ID to ensure traceability, accountability and reliability of the health information. The Government needs to create a strong facility registry for use by several actors in the ecosystem.

After a comparative analysis of the ongoing initiatives for creation of facility registries (details in Annexure III), the Committee recommends the following:

a. National Health Resources Repository (NHRR) complimented with National Identification Number (NIN) shall be utilized as the main facility registry

b. Incentive‐driven governance mechanisms need to be designed to ensure facility registry is kept updated and made available for integration with health systems

c. The format of the Facility Identifier being used by NHRR may be reviewed and enhanced considering the need for it to interoperate with other identifiers like NIN and ROHINI

d. The format and structure of the identifier should be designed such that it does not allow deciphering of any information offline

2.7 Approach to Unique Health Identifier (UHID)

In the health domain, the need for Unique Health Identifier (UHID) has been recognized for the purposes of uniquely identifying persons, authenticating them and threading their medical records across multiple systems and stakeholders.

UHID contains demographic details like name, father’s / mother’s/ spouse’s name, date of birth/age, gender, mobile number, authentication route, email address, location, family ID and photograph, in line with the person resource defined by FHIR (please refer to Chapter 3 for relevant details of FHIR).

Uniqueness is a key attribute of UHID, and the algorithm that issues a UHID must try to return the same identifier for the individual in all scenarios. The design of UHID may leverage existing multiple identifiers including Aadhaar, PAN card, Ration Card, Electors Photo Identity Card (EPIC) etc., for designing the structure and processes relating to UHID, subject to conformity with the regulatory requirements.

Page | 28


The existing identifiers may be utilized to generate various ‘levels of confidence’ to uniquely identify the patient duly following the 2 principles:

  ‘No denial of Health Service to anyone in any scenario’.

  No scope for medical errors arising out of wrong identification of the patient.
As an identity system, UHID can opt for one of the three system archetypes – centralized, federated and decentralized. A comparative analysis of the three archetypes is shown Annexure IV. It is recommended that the centralized approach is adopted for the following benefits:

  It is easier for a single organization to provide and manage identifiers across the country maintaining uniqueness

  When supported with adequate institutional mechanisms and checks, it evokes higher trust and authenticity

Page | 29


Page | 30





3.1 Objectives of Standards and Regulations

The National Digital Health Blueprint envisages the evolution of an entire eco‐system in the health sector to provide a wide range of services to the stakeholders in a digitally enabled manner. Creation of such an eco‐system, in a heterogeneous and multi‐level environment that exists in India, can happen only through a multi‐pronged approach through the efforts of many actors acting in sync. The Building Blocks of NDHB defined in Chapter 2 need to work in unison in an interoperable manner if all the digital services must be realized for the benefit of all the stakeholders, especially the citizens. Such seamless and boundary‐less interoperability is possible only if all the building blocks and the digital systems are built using the defined standards.

The objective of this Chapter is to define the standards required for ensuring interoperability within the National Digital Health Eco‐system. Adoption and implementation of standards in the health domain is a relatively slow process, as observed from the experiences of some of the countries that embarked on the same. Given this, it is proposed to recommend a set of minimum viable standards in the initial stages.

Given the sensitivity of personal and health‐related data, appropriate recommendations are made with respect to the regulations to be complied with by the actors in the digital health eco‐system.

3.2 Framework & Scope of Standards

The scope of National Digital Health Initiative, the digital services envisaged by it, its guiding principles and Building Blocks have all been identified and defined in the earlier Chapters. The scope of the standards is defined keeping the foregoing in view. Table 3.1 depicts the areas chosen to define the standards for the NDHB.


The consent from patient need to be covered from two aspects – consent for data collection and data use through NDHE.

Content & Interoperability

Standards related to exchange of healthcare data.

Privacy & Security

Standards related to data privacy (through access control) and Security of data at‐rest and at‐motion. Also, aspects such as data immutability and non‐repudiation with audit trail.

Patient Safety & Data Quality

Standards related to ensuring patient safety while collecting data and quality of data captured.

Table 3.1 Areas chosen to define Standards for NDHB

Page | 31


Appropriate recommendations are also made on the aspects relating to adoption and implementation of the Standards.


3.3 Standard for Consent Management

The consent of the citizen plays a major role in ensuring that collection of data is done in a manner consistent with legal rights of the patient. It is also important to ensure that once collected, the data captured is used and disclosed (in an identifiable or anonymized form) in a manner appropriate in law and preserving the citizen‐directed constraints. Towards these, the standards shown in Table 3.2 are recommended for designing the systems and workflows required for consent management:


Recommended Standard

Consent Management

ISO/TS 17975:2015 Health Informatics ‐ Principles and data requirements for consent in the collection, Use or Disclosure of personal health information

Consent Framework

Electronic Consent Framework (Technology Specifications v1.1) with its subsequent revision(s) published by MeitY.

Table 3.2 Recommended standards for Consent Management


The above standard should be implemented in a way consistent with the applicable laws such as Information Technology Act 2000 (and its amendments), various directions, and rules of National Medical Commission and its State counterparts regarding patient consent and protecting patient privacy.

3.4 Standards for Content & Interoperability

Data content plays a major role in availability of appropriate medical information to be used in healthcare, policy formulation and health analytics. The interoperability standards should support the major clinical artefacts used globally. The standards should additionally support extensions to it for any national needs such as country specific clinical data elements, fields, records and value sets.

Interoperability in the context of digital health is of two types, viz. technical interoperability and semantic & syntactic interoperability. This section defines the minimum requirements of interoperability of both the types.

a. Technical Interoperability

Technical Interoperability is substantially defined in IndEA and its basic requirements are mentioned briefly here:

Page | 32


  The Interoperability Standards defined by IndEA Framework shall be adopted by all systems constituting the NDHE. This should preferably be a mandatory requirement for registration of the entities involved.

  NDHE seeks to connect varied systems developed using different technologies and on different platforms. The standards should therefore support integration of all such systems. This reduces complexity and change management of all the implementers.

  The standards should be agnostic to the underlying infrastructure relating to computing, storage and networking. Implementers should be able to incorporate the standard on top of their existing solutions.

  The blueprint recommends a federated architecture for collecting and storing health information. While certain core datasets like registries, would be managed centrally, the bulk of information relating to citizen/ patient health records would be maintained and managed in a distributed model, i.e. at state/regional centers or at the sites of the service providers. The repositories of NDHB shall support only records conforming to standardized formats of content.

b. Semantic & Syntactic Interoperability (Content)

Apart from technical interoperability, required for seamless exchange of clinical records, semantic interoperability standards shall be adopted for health‐related terminology and formats

The Fast Healthcare Interoperability Resources (FHIR) R4 Specification is the latest standard for exchanging healthcare information electronically. It is built upon the HL7 series of standards and is considerably rationalized and simplified. Adoption of FHIR ensures that the electronic health records are available, discoverable, understandable, and structured and standardized to support automated Clinical Decision Support (CDS).

The building blocks of FHIR are Resources. FHIR specification defines a set of 13 modules with 143 resources, and the infrastructure for handling the resources.

The following recommendations are made in respect of adoption of semantic interoperability:

●  FHIR Release 4 should be adopted with any future errata(s) for all health‐related information sharing/ exchange.

●  For quick implementation a small but necessary set of health record artefacts shall be taken up first.

●  Other artefacts may be taken up in phased manner to ensure early roll‐out, easy adherence by implementers (source of data/record), and to enable spreading of the associated costs over a period.
A set of 8 essential and minimum classes of health record artefacts should be notified for data capture in NDHB. The list of health record artefacts prioritized and mapped to the suggested corresponding FHIR resources is shown in Table 3.3. Depending on health record

Page | 33


artefact requirement, other relevant FHIR Resources (not explicitly mentioned here) may also be used.


Sr. No.

Information Record Purpose

Patient Demographics Care Provider Details

Corresponding Resources in FHIR



Patient Practitioner Person

FHIR Resource






History, Problem & Diagnosis


Family Member History Condition
Clinical Impression



Vitals, Results, Assessments (incl. Pregnancy, Death), Wellness parameters


Observation Diagnostic Report



Adverse Event, Alert


Adverse Event Allergy Intolerance



Medication / Wellness Lifestyle / Diet / Vision


Medication Request Immunization



Nutrition Order Vision Prescription Care Plan








Admission / Discharge / Transfer / Order


Appointment Encounter Episode of Care Service Request





Coverage Eligibility Request/ Response Claim/ Claim Response

Table 3.3 Health record artifacts mapped to FHIR resources


c. Content & Interoperability Standards

Apart from standards for content, it is necessary to define the standards required in the major areas of healthcare, namely, diagnostic content, terminology and codes for statistics and laboratory tests. These standards are specified in Table 3.4.

Page | 34



Recommended Standard

Structured Clinical Information Exchange

FHIR Release 4 (subject to section 3.4.2) (with any future errata(s))

Still Images / Documents Audio / Video

Still Image: JPEG
Document/ Scan: PDF A‐2
Audio: MP3 / OGG
Video: MP4 / MOV
(embedded as binary content in relevant FHIR resource)

Diagnostic Images (Radiology including CT, MRI, PET, Nuclear Medicine / US / Pathology), Waveforms (e.g. ECG)

DICOM PS3.0‐2015c
(embedded as binary content in relevant FHIR resource)

Terminology/ Vocabulary

(for all clinical terminology requirements in health records)

Coding System

(for statistical classification of diseases and related health problems)
(for observation, measurement, test‐panels, test items and units)

Table 3.4 Content & Interoperability Standards

3.5 Standards for Privacy & Security

Preservation of privacy of patient’s healthcare is an important consideration that needs to be incorporated in the overall design and implementation of the Blueprint. The standards and various operational requirements for privacy and data security are specified in Table 3.5.


Recommended Standards


Digital Certificate, TLS / SSL, SHA‐256, AES‐256

Access Control

ISO 22600:2014 Health informatics ‐ Privilege Management and Access Control (Part 1 through 3)

Table 3.5 Privacy & Security Standards


In addition, it is important to ensure that data is reliable and verifiable. Provisions and guidelines related to the following should be incorporated in operational aspects of the blueprint:

Page | 35



Record once created cannot be deleted or modified without following due process.


Any record created may be ‘amended’ with new version number of same records with any changes (previous records to be marked inactive) with only highest version considered active.


All created records must be traceable to its creator unambiguously.

Audit Log

All creation, amendments, access of records should be audit logged in manner that it is verifiable and reliable

Patient Control

Patient should be able to access/view own health records anytime, and control access by others.

Table 3.6 Attributes of Reliable and Verifiable Data


In regards of above, provisions, guidelines, standards prescribed in EHR Standards for India 2016 should be incorporated.

3.6 Standards for Patient Safety & Data Quality

Quality in healthcare services and safety of electrical‐medical equipment are of utmost importance in the NDHB. Electrical‐medical equipment used in the NDHE should be safe for the patient and para‐medical personnel and against safety hazards like electric shock, harmful radiation, excessive temperature, implosion, mechanical instability and fire. Bureau of Indian Standard has published 38 standards in this area. These standards are either an adoption or technical equivalent of the related IEC standard. The work on some additional standards is ongoing in IEC/TC 62. At present, the certification against these safety standards is not mandatory in India. Keeping importance of safety of such equipment, safety certification of the equipment may be made mandatory for participation in NDHE.

Delivery of standardised care / treatment provided to patient can go a long way in ensuring safety of patient throughout treatment and instil confidence in patient and care provider towards diagnosis and treatment, among other benefits. The Standard Treatment Guidelines (STGs) issued by public health authorities should be incorporated into clinical treatment and IT system workflow for standardisation of treatment / care given to Patient and reporting to public authorities where required.

3.7 Availability of Standards

Most of proposed standards except FHIR are already part of EHR Standards for India 2016 notification. All proposed standards are open specifications from respective Standards Bodies and are internationally supported. The ISO/BIS standards are readily available. Use of SNOMED CT is free as India is already a member country.

Page | 36


3.8 Enablers of NDHB

Other than standards, various architectural, design and operational recommendations are shown in Table 3.6 to ensure cohesiveness of the Blueprint:


MDDS & EHR Standards for India 2016

Meta Data and Data Standards solve the problems of common data dictionary at the semantic level. The EHR Standards for India 2016 is overarching set of recommendations for creating, interoperating and using health record systems within an enterprise and external ecosystem at various levels. Inter‐operability at the technical level would require specific integration solutions. Inter‐operability at the institutional level would require a dialogue between public health organizations, to understand information needs, as well as barriers to better quality and use of information. Solving the semantic and technical barriers brings inter‐ operability much closer.

Hub & Spoke Model

As there are glaring incongruities between health systems at various levels of governance and delivery, the hub and spoke model may play a vital role in designing the components of NDHB, especially referring to the health data storage and operations management. The clinical establishments particularly in rural areas where sufficient infrastructure (servers, storage and bandwidth) is lacking, face a problem. In such cases, health data may be stored in a bigger facility equipped with necessary infrastructure. In this model, all the smaller clinical establishments will act as a spoke and the location where this data is stored will act as a hub. In such a model, Hubs will also act as spokes for larger hubs maintained at state, regional or national level.


eSign is an online electronic signature service which can be integrated with service delivery applications via an API to enable the user to digitally sign a document. Considering the requirements of health data like non‐ repudiation and trusted access / transfer for various medical workflows such as advices or referrals NDHB can leverage the eSign services in a cost‐ effective manner.

Table 3.7 Architectural, design and operational recommendations


3.9 Recommended further work on Standards

While an attempt has been made in this Chapter to deal with the core and minimal standards required in the initial phases of implementing the Blueprint, further work of creating appropriate policies is needed in the following areas:

Page | 37


. a)  Structure of Core Health Records for AYUSH and Wellness related information and Indexes to be maintained centrally

. b)  Policy for digitization of legacy or non‐standardized (free‐text/paper) health record

. c)  Policy for storing heavy records (PET/MRI/CT)

. d)  PolicyformakingtheEHRSystemcitizen‐controlled

. e)  Policy for emergency access to the records

. f)  Policy for use of records for research (anonymization & de‐identification) and analytics

. g)  Policy for record retention and archival

. h)  NationalSafetyCertificationInfrastructureforElectrical‐MedicalEquipment

. i)  MoHFW when revising EHR Standards for India 2016 may include FHIR R4

Page | 38





4.1 Background

An ambitious initiative like NDHB can materialize only if the right institutional framework is put in place. The following factors should be considered in suggesting the right organizational structure:

●  Evaluation of capabilities of existing organizations handling large scale health IT systems to be considered as potential candidates for implementing the Blueprint

●  Identification of the gaps between the existing capabilities in the identified organizations and that required for the Blueprint and analysing whether such an organization could be re‐organized and strengthened to carry out the task.

●  Whether we would require an entirely new organizational entity to drive this initiative.

●  Learning from international experiences of creating similar institutions

●  Designing a governance and operational structure that could accommodate the concerns of a wide variety of stakeholders and yet be operationally nimble enough to adapt to a complex business environment and ever‐changing technological
An evaluation was done of the existing organizations such as CHI and CBHI which are handling health data and housed within the Ministry of Health and Family Welfare, Government of India. A comparative analysis has also been done of all the national organizations handling large data. Additionally, focus has also been on reviewing the international experience in creating Electronic Health Record (EHR) structures (especially studying the South Korean model of EHR structure). It is observed that any new organization will need to have certain attributes by design:

●  financial independence,

●  ability to get the right personnel and retain them,

●  staying ahead of the technology curve,

●  speed and productivity in implementation,

●  promoting ownership on the part of the user community within the new structure
and the institutions supporting them,

●  cost and time effectiveness
At the outset, it is proposed that the entity to be charged with the responsibility of implementing NDHB be called ‘National Digital Health Mission’ (NDHM), to connote the missionary approach required for its successful implementation.
In a nutshell, it is important to underscore that the success of NDHM is dependent on its wide adoption by both Centre and State, public as well as private entities. Its adoption rests heavily upon the clear definition of the role and responsibilities of NDHM. To establish a clear

Page | 39


mandate for the NDHM, the following key components, roles and responsibilities are envisaged:

National Health Electronic Registries

to establish the standards and core infrastructure required to create a single source of truth for and manage master health data of the nation;

A Federated Electronic Health Records (EHR) Framework

to solve twin challenges of access to their own health data by patients and to healthcare service providers for treatment, and availability of health data for medical research ‐ critical for advancing our understanding of human health;

A National Health Analytics Platform

to bring a holistic view combining information on multiple health initiatives and feed into smart policy making, for instance, through improved predictive analytics;

Other Horizontal Components

including, and not restricted to, Unique Digital Health ID, Health Data Dictionaries and supply chain management for drugs and information exchanges and gateways, shared across all health programs.

Enabler & Facilitator

NDHM as an organization shall combine twin capabilities, namely, the architectural and design capabilities for creating the core components and the coordinating abilities to enable and facilitate the implementation of the NDHB by all other stakeholders in a concerted way.

Table 4.1 Key Responsibilities of NDHM


The role of the NDHM will be to provide information and data to different components of the health eco‐system to work together. It will also provide the technological infrastructure for collection and storage of core/ master data through the various registries.

The responsibilities of the NDHM will include:

  Promoting establishment of the core technology components and standards for collection of core health data by the providers and patients

  Facilitating interoperability of healthcare data through a unique identifier for the provider and patient across the health system

  Facilitating linkage and consolidation of health records generated in various national programs of the Central and State Governments, besides the records generated by the private hospitals, labs and other service providers

  Improving the quality of health data collection, storage and dissemination for purposes of research and policy decisions

Page | 40


  Publishing national indicators for health, to measure quality of care and progress against policy initiatives and SDG Goals

  Capacity building on health informatics, safety, security and privacy
4.2 Essential Elements of the National Digital Health Mission (NDHM)
The Institutional Framework of the NDHM will have to operate at two levels, namely the Governance level and the Implementation level.
The Governance architecture of NDHM should comprise of the following elements for it to be a successful enterprise:

  Clear and well‐defined leadership structure with reasonable autonomy

  Clear demarcation of roles and responsibilities

  Separation of policy, regulatory and operational functions

  Decentralized leadership and decision making

  Robust and transparent processes and systems
The implementation architecture of NDHM must incorporate key elements such as a clear leadership structure, convergence between core ministries and departments, citizen‐centric approach and services, conductive policies, legal and regulatory frameworks, appropriate technology architecture, information management and security, infrastructure expansion, planning, monitoring and evaluation in a comprehensive manner.
4.3 Global Experiences

Over the past two decades there have been several Digital Health initiatives that were

launched globally to improve the quality of health care and bring down the healthcare costs.

While some countries like the United States are ahead of the curve in terms of the availability

of Information and Communication Technology (ICT) infrastructure, other countries are in

the process of reforming their respective health care sector using IT as a key component of

the process.

In England, the National Health Services‐Digital (NHS Digital) is the national provider of information, data and IT systems for commissioners, analysts and clinicians in health and social care. It provides digital services for the NHS, including the management of large health informatics programmes. They deliver national systems through in‐house teams, and by contracting private suppliers. These services include managing patient data, the NHS Spine, which allows the secure sharing of information between different parts of the NHS, and forms the basis of the Electronic Prescription Service, Summary Care Record and Electronic Referral Service.

In South Korea, the Ministry of Health and Welfare (MOHW) created a specialized organization to maintain EHR. Several advisory committees were created for providing policy directions and expert opinions. Two centres were created for carrying out system development and the related researches: Implementation Centre for Development and

Page | 41


Research, and Development Centre for EHR. South Korea has been successful in developing their digital health infrastructure due to reliable and cost‐effective IT platform, user‐friendly application systems, standards, laws, budgets, and strong support from various stakeholder groups such as the Korean Medical Association and citizens’ groups.

The experiences of NHS Digital in England, Canada and the South Korean Model are particularly relevant for India and what we intend to achieve through the proposed NDHM.

4.4 Indian Scenario: Comparative Analysis of existing Organizations

India has made remarkable progress in the Information & Communication Technology (ICT) space over the past two decades. The IT revolution in India has also had a positive impact on the public sector governance architecture in India which led to some transformational initiatives like Unique Identification Number (UID‐Aadhaar) for almost all the residents of India, IT enabled platform for GST, IT systems integration in banking sector and IT‐enabled public service delivery.

While India has pockets of IT excellence within the public sector the application of IT enabled systems has not been uniformly adopted across the entire governance system. The IT initiatives in the health sector in particular, have been fragmented and compartmentalized hindering the realization of the full potential of ICT.

To develop a robust Institutional Framework for the National Digital Health Infrastructure it is imperative to understand and analyse the institutional framework of existing organizations that have been successful in implementing IT‐enabled services for the citizens. A detailed analysis of 8 existing organizations implementing IT enabled services (namely, NSDL, UIDAI, GSTN, NIHFW, NPCI, NIC, CHI and NHA) (Annexure: VI) has been done along 3 different dimensions, namely

. a)  Nature of legal entity, ownership, mandate and services provided

. b)  Suitability of the organization/ its Model w.r.t the needs of NDHM

. c)  Pros and cons of choosing an existing institution Vs creating a new institution.

Following the analysis of the organizations it is concluded that none of the organizations in its current form can take on the responsibilities of such large‐scale implementation of the specialized task of realizing NDHB. However, it is instructive to pick up some specific features of these organizations, which are relevant and essentially required for implementation of NDHB.

4.5 Recommended Institutional Framework of NDHM

Given the federal nature of Indian government and the fact that (a) Health is a state subject, and (b) it is necessary to incorporate private sector (both service providers and insurance), it is felt that an institutional framework which is a hybrid of GSTN, UIDAI and NPCI should be considered. The following factors weighed with the committee in this regard:

Page | 42


  Study of international institutional frameworks is suggestive of separation of regulatory and implementation bodies. While regulatory body takes care of policy making and policy administration, the implementation body should stay close to market for voluntary adoption; build best technical solutions and processes around products (building blocks), with security and privacy being of great importance.

  The model Institution should have a legal backing with right level of focused leadership, to allow the necessary independence for hiring the best technical staff at market rates, manage human resources, access to enough funds and ability to co‐opt the private players.
Following the analysis of existing Indian organizations and reviewing the international case studies, it is proposed that the National Digital Health Mission should be set up as a new organization. The following further suggestions are made:

. a)  To avoid duplication of activities the existing organizations handling electronic records and with similar functions should be subsumed in the new organization.

. b)  It is essential that both the Central and State Governments be the joint owners or stakeholders in this new organization.

. c)  A combination of the GSTN and UIDAI models of institutional structure is suitable for National Digital Health Mission.

. d)  Given the sensitivity of health data involved, Government should have complete ownership of the proposed institution with flexibility to attract private sector talent at appropriate levels of implementation, with adequate safeguards.

. e)  While the organization may be established as a Mission initially, it can be converted into a National Digital Health Authority, a statutory body, at an appropriate time in its evolution.

. f)  The Structure of the Organization should include two separate arms ‐ one for regulation and the other for operational management as shown in Figure 4.1



Govt. owned organization

Governace Structure

Governing Body at Apex level

Board of Directors based model for regulations

Vision & Mission

Vision : To be a world‐class health informatics organization

Mission : To provide every Indian with access to high quality digital health services




Health ID

Open APIs

Data Governance

Enterprise Architecture


Figure 4.1 Vision and Mission of NDHM Organization

Page | 43


4.6 Roles and Responsibilities within the Institutional Framework

The roles and responsibilities at various levels of NDHM are suggested in Table 4.2






Apex Level

  Policy formulation and regulation related to National Digital Health Mission

  Supervising the function of the entire National Digital Health Mission

  Providing guidance to the National Digital Health Mission at the highest level

 Provide policy direction


Board of Directors

  Administrative leadership to the National Digital Health Mission

  Develop policy direction for National Digital Health Mission

  Develop models for self‐financing of National Digital Health Mission

  Implement policies and decision approved by the Board of Governors at ground level

  Identify models for funding Operation

  Coordinate with MoHFW and the States/UTs

  Engage with private sector to ensure their
participation in the National Digital Health

  Resolve technical and operation issues at
ground level

  Policy administration

 Develop mechanism

financing for of Digital

sustainability National Health Mission



  CEO to have overall execution
responsibility of the National Digital Health Blueprint

  Ensure private sector participation in National Digital Health Mission



  Manage day to day operation at the ground level

  Capacity building of health informatics

  Ensure smooth implementation of National
Digital Health Infrastructure

 Overseeing all the activities of operation including implementation, training, support and modifications

Table 4.2 Roles and Responsibilities


The administration/implementation of the NDHM will rest on the CEO and will involve coordinating with different ministries/departments of the Government of India and State Governments. Hence it is proposed that the CEO should be of the rank of either a Secretary or Additional Secretary to the Government of India. The decision related to active engagement of private sector will be managed at the level of CEO to ensure up to date

Page | 44


technology up gradation and effective administration/implementation of the National Digital Health Infrastructure.

4.7 Core Digital Services

The value of a Mission such as NDHM will be realized through the quality of the core services it offers to the stakeholders, and facilitates the design, development and delivery of digital health services to the end users. NDHM will be shaped as the Technology Arm of the Health Sector of India. As such the focus of NDHM shall be primarily on the Core Technical Services it offers to the various organizations comprising the NDHE, in the public, private and NGO Sectors. However, given the nature of NDHB, it is necessary for the Mission also to make available to the stakeholder community certain generic/ common applications relating to the health domain, to avoid duplicative efforts by multiple States/ organizations. Such common services shall be reusable, multi‐tenant, open source, and standards‐compliant.

While an exhaustive list of the digital services to be offered or promoted by NDHM will call for a stakeholder consultation and detailed deliberations, the Committee thought it fit to provide an illustrative list of the Digital Services. The list is shown in Annexure VII.

4.8 Leveraging Emerging Technologies

Significant efforts are going on across the world to deploy the emerging technologies for improving the performance of the health sector. These technologies currently include artificial intelligence, machine learning, internet of things (IoT) and big data. It is essential that a major initiative like the NDHB should leverage these emerging technologies in an appropriate way at the earliest opportunity. While blockchain technology has been much talked about, its efficacy in addressing the issues of the health domain will also be explored.

There is a speedily growing innovation sector in India in the form of large number of start‐ ups, many of which are focused on developing innovative solutions for the health sector. It is essential that these creative talents are leveraged and tapped for the rapid growth of digital services in health sector that will contribute to convenience, value‐added services and cost‐ effectiveness.

To enable the same, it is recommended that

a) An Innovation Wing may be created within the proposed structure of NDHM, with the responsibilities of (i) keeping abreast of the developments in the emerging technologies, with a special focus on their efficacy in the health sector; (ii) undertaking PoCs in the deployment of emerging technologies and (iii) creating sandbox environments for entrepreneurs to try out these technologies.

b) A policy on Value‐Added Services (VAS) may be brought in allowing for (i) identification and notification of areas where VAS would be possible and viable; (ii) registration of start‐ ups and developers who intend to develop VAS; (iii) publishing selected APIs to enable the registered developers to develop and provide VAS to the stakeholders.

Page | 45


c) A special focus may be laid by NDHM to leverage the opportunities available to use AI in several different areas, like for instance, (i) empowerment of field functionaries to provide more effective extension services in the rural areas, and (ii) developing user‐ friendly and trustworthy clinical decision support systems.

4.9 Critical Role of State/UT Governments

Health is a concurrent subject under the Constitution of India. Several of the recommendations made in NDHB need to be accepted and implemented by the State/UT Governments. It is therefore recommended that an appropriate structure may be designed for a concerted action by the central and state governments for the successful implementation of NDHB. This is particularly important in view of the need for a widespread adoption of health informatics standards and of the building blocks of NDHB. Such a coordinated action is also required to ensure that the fundamental premise of federated architecture adopted by NDHB succeeds at the ground level. An equally important area needing close coordination between the Centre and the States is the security and data protection obligations envisaged under NDHB.

While representation in Figure 2.2 makes an attempt to bring out the nature of responsibilities to be undertaken at the central and state level, a granular definition of these responsibilities has to be done by the Ministry, during the planning phase (see Table 5.1 ‐ Year 1)

4.10 Financing Model

National Digital Health Infrastructure is a public good. Its funding model must reflect this. In the earlier years, it must have budgetary support from the Government of India to get the core components of the National Digital Health Infrastructure built and operational.

A study was conducted to understand key cost components associated with the set up and running of organizations such as GSTN, UIDAI, NHA etc. to assist in the estimation of budgets required to support successful formation and running of the National Digital Health Mission.

It was observed that development cost (capital cost), people and property (operating costs) formed the major cost components of such organizations. For the NDHM to be successful it will be important to undertake outreach activities with public and private sector players. The NDHM will have to co‐opt market players like MedTech companies, NGOs, Foundations working in Health space as it builds the public utilities in the form of Registries, EHR, Health ID and Health Information Exchange etc. The outreach organization will have to have strong presence in all the states to ensure adoption of public utilities both by the state govt. as well as the Health ecosystem players.

If the new organization raises a part of its funding through a transaction fee, it drives a service orientation within the organization. However, it must be done without the risk of diluting the public good nature of the institution. This can be done by using the concept of toll pricing model where no profit‐making is allowed.

Page | 46


4.11 Criticality of Capacity Building and Change Management

Implementing NDHB is a gigantic matter given the size, complexity of the sector and the diversities across the country. NDHB proposes a fairly complex system that can be realized through high quality expertise flowing into the Architecture, Design and Development phases, not merely within NDHM organization but across all the stakeholder organizations, in a concerted and coordinated way. This requires a carefully designed Capacity Building Plan to be undertaken widely.

Given that significant changes would be called for in the existing processes and systems and in the mind‐set of the people currently managing the same, a highly professional approach is needed in the area of Change Management. Adequate budgetary resources need to be provided for Capacity Building and Change Management.

4.12 Need for Proof‐of Concept and Sandbox Environment

Again, given the significant number and complexity of most of the components and building blocks of the NDHB, attempting to implement all of them at a time is fraught with a high risk of failure, not only on the technology front but also on the people side as well as on the regulatory aspects. It is therefore strongly recommended that the NDHM shall undertake a few PoC’s in respect of all the critical components, before production level designs are made. In addition, a set of environments in the form of a set of regulatory sandboxes and technology sandboxes in selected areas.

4.13 Recommendations in summary

The suggested model for the implementation of the National Digital Health Mission (NDHM) is as shown in Table 4.3


A new organization with a Governing Council and Board of Directors


Government owned body


Unique Health ID, Health Directories and Masters, Health Information Exchange and open API’s for health informatics, insurance and health fiduciaries.

Vision and Mission

Vision: To be a world‐class health informatics organization
Mission: To provide every Indian with access to high quality digital health services

Table 4.3 Suggested model for NDHM


The recommendations are as follows:

a) NDHM should be a completely government owned body to ensure appropriate control within Govt. (centre and states) as well as independence to deliver technology infrastructure within stipulated time frames and a business development orientation to co‐opt the private players in the health eco‐system.

Page | 47


b) TheInstitutionalstructuremustincludeanorganizationwithtwodifferentarms‐oneto handle the policy and regulations and the other for operations and service delivery.

c) Focus on providing concrete value to all players in the health ecosystem (centre and state, private and public, service providers, insurance and citizens) through reduction in transaction costs, availability of core infrastructure and standards as public good and simple processes for easy adoption are more likely to bear desired results.

d) SettingupaneworganizationtoimplementtheNationalDigitalHealthBlueprint.

Page | 48





5.1 Purpose

Any blueprint is as good as the systematic way in which it is planned and implemented. Preparation of a high‐level action plan is therefore considered to be an essential part of the National Digital Health Blueprint. The action plan outlined in this Chapter seeks to serve the following purposes:

. a)  The Action Plan enables crystallization and definition of the scope and outcomes of the initiative and to identify the methods to be deployed for the implementation of the Blueprint;

. b)  It provides the approach to prioritization of various activities required to fulfil the vision and objectives of the initiatives;

. c)  It paves the way for the establishment of the institutional structure at the earliest;

. d)  ItidentifiesthecorebuildingblocksoftheBlueprintandguidestheactiontoputthem
in place in a logical sequence;

. e)  It forms the rallying post around which can be created a widespread awareness of NDHB;

. f)  It speeds up the process of creation of the critical mass of capacities and capabilities required for a smooth implementation of NDHB.

This Chapter outlines the approach to address the above purposes effectively.

5.2 Scope

The NDHB described in the previous chapters indicates, at different places, the contours of the scope of work to be done if a digital health eco‐system is to be established in the country. It is necessary to identify, collate and analyse all these work items to know the precise scope of NDHM. The following requirements culled from the previous chapters help us define the Scope more precisely:

. a)  Health and Well‐being for all;

. b)  HealthandWell‐beingatallAges;

. c)  Universal Health Coverage;

. d)  Citizen‐centricServices;

. e)  QualityofCare;

. f)  Accountability for Performance;

. g)  Efficiency and Effectiveness in delivery of services;

. h)  Creationofaholisticandcomprehensivehealtheco‐system.

The Action Plan must be designed to ensure that the scope as above is well‐served.

Page | 49


5.3 Expected Outcomes

It is essential that clear outcomes are laid down for a major initiative like the NDHM, so that all the stakeholders can work towards achieving a common set of goals. The outcomes listed here are again culled from the previous chapters and collated for a holistic view. The various artefacts and deliverables of NDHM should be designed and developed in such a manner as to enable us to move in the direction of the outcomes.

. a)  All citizens should be able to access their Electronic Health Records in a convenient manner;

. b)  Leveraging longitudinal health record data, a citizen to be facilitated and he / she need not undergo diagnostic tests repeatedly unless warranted;

. c)  Citizens should be able to aggregate health data in a single application (EHR) though multiple agencies/ departments/ services providers are involved where the data Is generated;

. d)  NDHMshallassurecontinuumofcaretothecitizens,acrossprimary,secondaryand tertiary care and across public and private service providers;

. e)  A framework for Unified Communication Centre will be prepared to facilitate voice‐ based services and outreach;

. f)  NDHM shall support national portability for healthcare services;

. g)  Privacy of personal and health data, and consent‐based access of EHRs will be the inviolable norm that shall be complied by all systems and stakeholders;

. h)  NDHMwillbealignedtotheSDG’srelatedtohealth;

. i)  NDHM will enable evidence‐based interventions in the area of public health;

. j)  Above all, the analytical capabilities of NDHM will support data‐driven decision‐ making and policy analysis.

5.4 Methods & Instruments recommended by NDHB

Adoption of methods established in the health and IT domains would enable a systematic implementation of the blueprint. The following methods have been recommended by NDHB:

. a)  Federated architecture

. b)  UniqueHealthId(UHID)

. c)  Electronic Health Records (EHR)

. d)  Metadata & Data Standards (MDDS)

. e)  Health informatics standards

. f)  Registries for NCDs

. g)  Directories of providers, professionals and para‐medicals

. h)  Legislation and regulations on data management, with focus on privacy and security

. i)  Data analytics

Page | 50


Parallel streams of activities need to be initiated on all the above items.

5.5 Suggested 5‐Year Action Plan

The essence of an action plan is the list of actions or deliverables, the timelines and responsibilities for the same. The Action Plan turns the Blueprint into an actionable document through these deliverables. A list of ‘deliverables’ is given in the Table 5.1, in the form of an indicative 5‐year action plan. The following explanatory notes enable a correct appreciation of the action plan

. a)  Specific and granular responsibilities can be firmed up after an organizational structure is put in place by the Ministry. As alluded to in Chapter 4, some of the early deliverables need to be worked upon by an ‘interim organization’, so as not to delay the implementation phase.

. b)  The NDHB contains several other components, which have not been included in the NDHM action plan, as the responsibility for the same rests on the State Governments, health service providers, or the IT Industry.

. c)  While some of the deliverables listed below fall within the direct responsibility of NDHM, others require only facilitator/ enabling action by the NDHM with implementation responsibilities lying with the other entities.

Year 1

(Planning & stabilizing NDHM)

Year 2

(Pre‐requisite infrastructure)

Year 3 (Execution)

Year 4

(Analytics & Innovation)

Year 5

(Sustenance & Research)

  ApprovalofNational Digital Health Mission (NDHM) and its operationalization.

  Designand development of federated enterprise architecture, adopting Agile IndEA Framework.

  Design of core building blocks of NDHB (to be identified) and defining their

  Designingand establishing Unique Health Identifier(UHID) , directories of health professionals & health institutions

  Designand implement federated health cloud & secure network infrastructure.

  Enhancingof legacy systems to

  Establishing Health Information Exchange (HIE)

  Design, develop and launch Common Applications

  Establish health app store

  Designand implement capacity

  Implementation of artificial intelligence enabled clinical decision support systems

  Designingand developing health analytics platform

  Designand develop anonymization methodology for health data analytics

 Establish Security

  Ensuring continuum of care

  Continued Research

  Sustenanceof operations

Page | 51


standard interfaces

  Assessmentoflegacy systems for conformity with NDHB.

  Designand notification of NDHM Security & Privacy Policies

  Designand development of consent management framework

conform to NDHB Principles, and interoperable

 Implementationof a plan for adoption of health informatics standards including Electronic Health Record (EHR) for citizen with family folders

building plan

 Establishthe repository of standards, API’s, metadata and data dictionaries

and Privacy Operations Centre (SOC), Network Operations Centre (NOC) and Privacy Operations Centre (POC)

 Designand notification of Framework for value‐added services

Table 5.1 Suggested Acton Plan for NDHM

Page | 52




Composition of the Committee on NHS

The Ministry of Health & Family Welfare, through its Office Memorandum T‐21 016178/2018 eHealth dated 12th November 2018, constituted a Committee on NHS, with the following composition:

Annexure I

Chairman of the Committee

Shri J. Satyanarayana, (Former)Chairman, UIDAI & Former Secretary, MeitY


Shri Sanjeeva Kumar, Additional Secretary, Ministry of Health & Family Welfare

Special Chief Secretary(Health), Government of Andhra Pradesh

Additional Chief Secretary(Health), Government of Madhya Pradesh

Mr. M. S. Rao, President & CEO, National eGovernance Division (NeGD)

Shri Alok Kumar, Advisor(Health), National Institution for Transforming India (NITI) Aayog

Shri Lav Agarwal, Joint Secretary(eHealth), Ministry of Health & Family Welfare

Nominee of Secretary, Ministry of Electronics and Information Technology

Nominee of CEO, National Health Authority(NHA), Ministry of Health & Family Welfare

Dr. Neeta Verma, Director General, National Informatics Centre (NIC)

Shri Gaur Sunder, Joint Director, Centre for Development of Advanced Computing, India

Director(eHealth), Ministry of Health & Family Welfare

Page | 53


Annexure II

Composition & ToRs of the Sub‐Groups formed by the Committee




Scope, Principles & Services

Shri Lav Agarwal,
Joint Secretary (eHealth), Ministry of Health & Family Welfare (MoHFW)

a. List domain areas of high priority and of high impact, with a focus on Wellness;

b. Revise objectives of NHS to balance domain requirements with technology interventions;

Building Blocks & UHID

Dr. Neeta Verma, Director General, National Informatics Centre (NIC)

a. Identify and Define the Building Blocks for Domain and IT;

b. Structure of registries for NCDs like Cancer, Diabetes etc. ;

c. Harmonization and consolidation of Id’s – Unique Health ID, NIN, NHRR;

d. Recommendation on the need for another ID, like UHID

Standards & Regulations

Mr. Jaideep Mishra, Joint Secretary, Ministry of Electronics and Information Technology (MeitY)

a. Minimum Standards required for adoption of EHR in a phased manner, including standards relating to wellness;

b. Feasibility of defining Indian standards in Health domain;

Institutional Framework

Shri Alok Kumar, Advisor(Health), National Institution for Transforming India (NITI) Aayog

a. Reforms required in current structures;

b. Reforms required in current major schemes;

c. Institutional framework for the development
and implementation of NHS.

Page | 54


Comparative analysis of 4 Initiatives on facility registries

Annexure III






Initiative by MoHFW to create a registry of Hospitals in the country

Insurers came together to create this DB to eliminate fake hospitals in insurance claims

Initiative by MoHFW to use a survey methodology to list every health facility in the country

Initiative to capture detailed info from secondary and tertiary care hospitals for empanelment

Process Owner






250,000 public facilities from sub centres upwards

15,000 private facilities who are active in health insurance

Public and private facilities including clinics, diagnostic centres (Going on ‐ likely to be > 10,00,000)

14,000 public and private facilities empanelled under PMJAY

Basic Info





Detailed Info





Process to Update



Under Development


Incentive for facilities to participate





Trusted Data

Verified by district administration

Verified by insurer / TPA

Respondent based

Verified by district administration

Page | 55


Annexure IV

Comparative analysis of 3 archetypes for UHID







A single organization establishes and manages the identifiers

Different stand‐alone entities, each with its own trust anchor, establish trust‐based interactions with each other.

Multiple entities contribute to a decentralized digital identity; user controls sharing of identity data


Level of Adoption

& Trust

Adoption dependent on value; trust dependent on system owner and identity proofing

Adoption dependent on establishing trust relationship; trust dependent on identity proofing

Trust dependent on trust anchors and attestations



Can be built with specific purpose in mind; potential for organizational vetting of identity data

Users can access a wider range of services; efficiency for organizations

Increased user control and reduced amount of information collected and stored by organizations



Generally low user control; centralized risk and liability; potential for abuse

Generally low user control; high technical and legal complexity

Governance model, acceptance and participation is complex; evolving landscape; complex liability


Page | 56


Mistakes to be avoided in designing EHR

Annexure V


Page | 57


Annexure VI

Status of 8 existing IT‐driven organizations

Institution/ Organization






For Profit Organization

Equity stake of multiple banks public and private and National Stock Exchange

NSDL provides various services in the capital market like, clearing members, stock exchanges, banks and issuers of securities

To serve the nation with technology, trust and reach and ensure that every Indian became a prudent investor



Ministry of Electronics and Information Technology (MeitY)

Unique Identification numbers (UID), named as “Aadhaar”, to all residents of India

To provide good governance, efficient, transparent and targeted delivery of subsidies and benefits to residents of India through assigning of unique identity numbers


Not for Profit Organization

The central and state governments own 49% equity and Balance 51% equity is with non‐ Government financial institutions

The GST System Project is a unique and complex IT initiative that implements a uniform tax regime across the country

To become a trusted National Information Utility (NIU) which provides reliable, efficient and robust IT backbone for the smooth functioning of the Goods & Services Tax regime


Autonomous organization, under the Ministry of Health and Family Welfare,

Ministry of Health and Family Welfare

NIHFW is housing the National Health Portal

The National Health Portals mandate is collecting, verifying and disseminating health and health care delivery

Page | 58


Government of India

services related information to all citizens of India


Not for Profit Organization

Consortium of 56 Banks public and private

Payment Gateway Services

To touch every Indian with one or other payment services


Associated Office of Ministry of Electronics and Information Technology (MeitY)

Ministry of Electronics and Information Technology

IT services to the Government of India. Some key services managed by NIC for the Ministry of Health and Family Welfare and CHI include

RCH, Mother Child Tracking System (MCTS), Online Registration System (ORS), Beneficiary Identification system (BIS) etc.

Provide the technology backbone to all Govt. departments


Autonomous organization

Ministry of Health and Family welfare

Managing IT programmes/ Project under MoHFW like NHP, various dashboards of ministry, NCD‐CPHC application, Mera Asptaal, NIN, HWC IT platform, PMSMA IT system, mHealth

To develop IT solutions for MoHFW and to provide authentic access to the health information for citizen of



Chaired by Health Minister, has cross functional team for health sector

Implementing Running of PMJAY

To develop IT components important to health sector

Page | 59


Annexure VII

Illustrative list of digital services to be provided by NDHM

S. No

Name of the Digital Service provided

Citizen/Patient Services


Single, Secure Health Id to all citizens


Personal Health Record


Single (National) Health Portal


App Store


Specialized Services for Remote Areas/ Disadvantaged Groups


NDHM Call Centre


Digital Referrals & Consultations


Online Appointments


e‐Prescription Service


Digital Child Health


National “Opt‐out” (for privacy)

Services by / for Healthcare Providers/ Professionals


Summary Care Record


Open Platform to access Emergency Services


Technology for Practitioner (GP) Transformation


Digital Referrals, Case Transfers


Clinical Decision Support (CDS)


Digital Pharmacy & pharmacy Supply Chain


Hospital Digitization (HIS)


Digital Diagnostics

Technical Services


Architecture & Interoperability


Health Information Exchange




Health Network


Data & Cyber Security


Information Governance

Page | 60


Annexure VIII

Indicative set of principles of governance of federated architecture

1. Federated Architecture (FA) operates collaboratively where governance is divided between a central authority and constituent units, balancing organizational autonomy with enterprise needs

2. The Central Authority’s architecture can focus on the dynamics of economies of scale, standards, interoperability and the common requirements, while the constituent units’ (States and Facilities) architectures have the flexibility to pursue autonomous strategies and independent processes

3. Participating members can jointly agree upon the common goals and governance of the federation which is expressed by the policies governing the roles and responsibilities of membership, resource discovery, and resource access

4. There is an administration role whereby federation membership, resource discovery, and resource access can be granted or revoked according to governance policy

5. States and facilities can participate in a federation by selectively making some of their resources discoverable and accessible by other federation members

6. While the purpose of a federation is to collaborate and share resources, resource owners retain ultimate control over their own resources

7. The design of all the systems in the federation shall conform to the prevalent laws and regulations relating to security, privacy and data‐sharing

Page | 61


Page | 62

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: