In the midst of the discussions on Privacy and Data Protection following the Cambridge Analytica controversy, the Ministry of Health and Family Welfare, Government of India has released the long pending draft of the Health Care sector law on Privacy and Information Security.
Earlier, a discussion on this had been started at Naavi.org under the title of Health Care Data Privacy and Security Act (HDPSA). Now the Act has been renamed as Digital Information Security in Health Care, Act (DISHA).
Public comments have been invited upto 21st April 2018 which may be sent to firstname.lastname@example.org
Naavi.org will also provide its own comments in the next fortnight.
This law will be in addition to ITA 2008 and the proposed Privacy and Data Protection Act which the Srikrishna Committee is drafting. We also know that the TK Vishwanathan committee was also drafting an amendment to ITA 2008.
With the undue attention that Cambridge Analytica is getting, there is complete chaos in the domain of Privacy and Data Protection and now this additional law will add further spice to the discussions.
Coinciding with this spur of activity GDPR is being implemented by many Indian companies for the deadline of 25th May 2018.
It is therefore a very active period for Privacy professionals in India. Hopefully we will be able to avoid overlapping legislations and conflicts in different laws making the work of compliance difficult.