The technology sector, and the practical applications of technological developments, have grown exponentially over the years, and the healthcare and pharma industries have benefitted alongside many others. To add to this, the outbreak of Covid-19 and consequent lockdowns also accelerated the usage of digital healthcare, not only in India but also globally, thereby leading to the rapid growth of start-ups within the digital healthcare space.
As per the World Health Organisation, digital health is a broad umbrella term encompassing eHealth (which includes mHealth), as well as emerging areas, such as advanced computing sciences in 'big data', genomics, and artificial intelligence.1
Combining technology with healthcare, the digital healthcare ecosystem encompasses different aspects of technology used for monitoring, diagnosing, preventing, and curing health. In today's world, this includes robot-assisted surgeries, fitness wearables, telemedicine, software as a medical device, mobile phone trackers, the internet of medical things, electronic health records, and artificial intelligence applications in healthcare, among others.
With the increased proliferation of technology in the healthcare industry, there is a clear need for regulatory intervention to ensure that this technology is not misused. Due to the regular exchange of personal data regarding health issues and consultation between patients and the service providers, the protection of the personal data thus generated has become a matter of concern. Today, everyone is freely using smartphones with pulse trackers, smartwatches that monitor people's heart rate even during sleep, and menstruation trackers, without being aware of the amount of data generated and stored.
In the light of the concerns cited above, there is an urgent need for regulators to pass specific laws and regulations addressing current and prospective issues relating to the digital healthcare ecosystem.
The present note deals with the current regulatory regime for digital healthcare in India and how a change in the definition of 'medical devices' by the Ministry of Health and Family Welfare might affect the digital healthcare industry in India.
DRUGS AND MEDICAL DEVICES
In a revolutionary move on February 11, 2020, the Ministry of Health and Family Welfare released two notifications concerning medical devices in India2:
The effect of the said notifications is that medical devices, including digital healthcare systems, will now fall within the definition of "Drugs" under the Drugs and Cosmetics Act, 1940. Some examples like - blood sugar monitor, diabetes tracker, pulse and sleep monitor applications are currently regulated as drugs. This can have far-reaching implications, which the regulators seem to have overlooked, such as the ability of the Central Drugs and Standards Control Organisation (CDSCO) to adequately regulate medical devices and drugs.
EVOLUTION OF THE DIGITAL HEALTHCARE REGULATORY FRAMEWORK IN INDIA
S.No. |
Year |
Particulars |
Details |
1. |
2012 |
The Clinical Establishments (Central Government) Rules, 2012 |
|
2. |
2017 |
The National Health Policy, 20173 |
|
3. |
2018 |
The Draft Digital Information on Security in Healthcare Act4 |
|
4. |
2018 |
The National Health Stack, 20185 |
|
5. |
2019 |
The National Digital Health Blueprint, 2019 ("Blueprint")6 |
|
6. |
2020 |
The National Digital Health Mission, 2020 ("NDHM")7 |
Salient features:
|
7. |
2020 |
Health Data Management Policy, 20208 |
|
CURRENT FOCUS OF REGULATORY FRAMEWORK
While the Blueprint has recognised various building blocks at multiple levels that need to be regulated to create a digital healthcare ecosystem, the focus has primarily remained on data protection and privacy, as it relates to health data. As a result, the Blueprint seem to have overlooked other regulatory aspects that may arise with the change in the new definition of medical devices.
The 2020 notification, which has expanded the ambit of medical devices to include all things that assist a human body in diagnosis, prevention, monitoring or supporting life9, has also created a lot of ambiguity on how digital healthcare will be treated. The laws regulating drugs don't seem to be equipped to regulate the intangible nature of software and other evolving technology in the healthcare sector.
For example, under the Drugs and Cosmetics Act, 1940, the word 'import' is defined as "bringing anything into India". Therefore, any software developed outside India may be deemed to be imported once the software is used in India. With that, the software owner may, without his knowledge, be subject to Indian laws. Will he then need to comply with the 11 February 2020 notification?
Other pertinent issues that may arise would be:
- Would all 'tracking software' need to get registered as a medical device?
- Applicability of price control under the Drugs Price Control Order, 2013 on software as a medical device.
- Applicability of Legal Metrology (Packaged Commodities) Rules, 2011, BIS standards, or compliance with respect to ISO 13485 standard accredited by National Accreditation Board for Certification Bodies or International Accreditation Forum (which is required under the 11 February 2020 notification).
These are all certainly issues that need the urgent attention of, and clarity from, the regulators.
CONCLUSION
While the regulators are moving in the right direction, it is time that in India, the entire category of medical devices be delinked from the definition of "Drugs" and be regulated under an entirely different law. In addition, digital healthcare, and data generated by digital healthcare, also needs to be protected, not just by policies (which currently seem to be changing with the changing governments), but by stringent enforceable law. There is also a need to expand on the definition of medical devices to recognise tangible, intangible (like software) and artificial intelligence-based medical devices, so that we may regulate them all in a more streamlined manner.
Footnotes
1. WHO guideline: recommendations on digital interventions for health system strengthening. Geneva: World Health Organization; 2019. Licence: CC BY-NC-SA 3.0 IGO Accessed at - https://apps.who.int/iris/bitstream/handle/10665/311941/9789241550505-eng.pdf?ua=1
2. Ministry Of Health and Family Welfare, Notification, S.O. 648(E), dated 11 February 2020; Ministry of Health and Family Welfare, Notification, G.S.R. 102 (E), dated 11 February 2020
3. The National Health Policy, 2017, Accessed at: https://www.nhp.gov.in/nhpfiles/national_health_policy_2017.pdf
4. The Draft Digital Information on Security in Healthcare Act, Accessed at: https://www.nhp.gov.in/NHPfiles/R_4179_1521627488625_0.pdf
5. The National Health Stack, 2018, Accessed at: https://abdm.gov.in/publications/NHS_Strategy_and_Approach
6. The National Digital Health Blueprint, 2019, Accessed at: https://ndhm.gov.in/home/ndhb
7. The National Digital Health Mission, 2020, Accessed at: https://ndhm.gov.in/documents/ndhm_strategy_overview
8. Health Data Management Policy, 2020, Accessed at: https://ndhm.gov.in/documents/health_management_policy
9. Ministry Of Health and Family Welfare, Notification, S.O. 648(E), dated 11 February 2020.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.