Saturday, June 21, 2014

E-Health Laws And Regulations In India Needed Opines Law Firm Perry4Law

This is the research article of New Delhi based ICT law firm Perry4Law. It is covering many crucial areas pertaining to use of information and communication technology (ICT) for providing healthcare related services in India. However, like any service, e-health services in India depend upon compliance of certain Indian laws that is missing as on date. Similar is the case regarding m-health that is the upcoming field in this regard.

Information and communication technology (ICT) has streamlined the way medical services and para medical services are provided world over. E-health and telemedicine are examples of use of ICT for medical purposes.

However, when technology is used for medical purposes, it gives rise to medico legal and techno legal issues. In United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), etc are some of the laws that take care of medico legal and techno legal issues of e-health and telemedicine.

On the contrary, we have no dedicated e-health and telemedicine laws in India. Even essential attributes of these laws like privacy protection, data protection (PDF), data security, cyber security, confidentiality maintenance, etc are not governed by much needed dedicated laws.

However, numerous statues carry individual provisions that may be applicable to e-health and telemedicine activities in India. For instance, the e-governance and e-commerce related aspects of e-health and tele medicine may be governed by the Information Technology Act, 2000 (IT Act 2000) that is the cyber law of India. All electronic contraventions and violations pertaining to e-health and tele medicine can be regulated b the IT Act 2000.

Similarly, privacy and data protection aspects (PDF) in cyberspace pertaining to e-health are also governed by the IT Act 20000. Further, the Supreme Court of India has interpreted Article 21 of Indian Constitution as conferring a right to privacy upon all persons in India. Even in some cases the Supreme Court of India has held that patients have a right to privacy to protect their health related information except where non disclosure of such information is violating fundamental rights of others and is against public interest and public policy.

Even data security and cyber security aspects have been covered by the IT Act 2000 to some extent. The real problem is that these provisions that protect privacy, data protection, data security, etc are piecemeal efforts and they are not serving the purposes as required.

We need to have dedicated e-health laws and regulations in India that are presently missing. The sooner these e-health laws and regulations are formulated in India the better it would be for the larger interest of medical community and patients in India.

Unregulated M-Health Activities May Be Health Hazard In India

Technology is assisting in making affordable healthcare services available to the residents of even the most remote corners of a territory. Technology has the potential to tackle the healthcare related problems of India as well. However, regulatory and legal issues must be kept in mind while using technology for healthcare related services in India.

For instance, most of the m-health service providers in India are violating Indian laws and there may be legal actions against them very soon. However, the biggest nuisance creators are online pharmacies providers of India that are operating without any legal compliance. Some of the areas where the m-health service providers are not observing Indian laws are privacy protection, data protection (PDF), cyber law due diligence (PDF), encryption regulations, cloud computing regulations, etc.

Similarly, medical devices must be thoroughly scrutinised to rule out any possible legal violation in India. The legal risks for developer and owners of food, healthcare and medicine related websites cannot be ignored. Mobile medical devices and handsets and their respective applications must also be in strict conformity with Indian laws. Medical device makers, software providers and medical fraternity of India must also keep in mind the encryption laws of India and cloud computing related compliances of India.

According to experts, dedicated m-health laws and regulations in India are urgently needed to prevent m-health related legal violations. In India, e-health and m-health related legal framework is missing. For instance, e-health in India is facing legal roadblocks. Till now we do not have any dedicated e-health laws and regulations in India. The legal enablement of e-health in India is urgently required. Naturally, dedicated m-health laws and regulations in India are also missing and different laws apply to m-health related issues in India. Telemedicine and online pharmacies laws in India and their legal implications and liabilities are also unknown to various m-health professionals.

In United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), etc are some of the laws that take care of medico legal and techno legal issues of e-health and telemedicine. India also needs laws like HIPPA and other similar laws that can regulate m-health related issues in India. Otherwise, unregulated m-health activities may be a great health hazard in India.

Saturday, June 14, 2014

Centre Plans To Scrap Aadhaar Project As Per Experts Suggestions

It is really unfortunate how political consideration overweight the national interest of India. The Congress led government has taken many steps and launched many projects that were clearly illegal in nature. Despite warnings from legal experts, the Congress led government kept on pushing those projects at the cost of Indian exchequer and civil liberties.

It seems the Congress led government was pursuing a secret agenda in a desperate attempt to regain the power at the centre. However, those efforts of Congress failed miserably and the BJP led government came with a clear majority. The natural question that has arisen is whether Modi government would “simply step into the shoes of Congress” or actually protect the Constitutional Rights of Indian Citizens, opines Praveen Dalal, managing partner of New Delhi based ICT law firm Perry4Law and leading techno legal expert of Asia.  

One such unconstitutional project of Congress led government is Aadhaar that should not have been started at all. The problem with aadhaar project is that it was never implemented in a legal and constitutional manner. However, there were very few individuals who raised their voices against this illegal project.

One of the early, stern and incessant opposers of the Aadhaar project is Praveen Dalal who was the first one to demand for scrapping of Aadhaar project in the year 2010. Dalal claimed that the UIDAI must not use public funds till provisions regarding the same are incorporated in the law to be formulated by Parliament of India. He still believes that Aadhaar project must be scrapped till a constitutional law supporting the project is in place as it is a fraud against the constitution.

According to Dalal, “The Aadhaar Project is the most “Obnoxious” and “Evil” Project that Indian Government has been pursuing till now. In my personal opinion, the very foundation of Aadhaar Project is based upon “Lies and Deception” and this Project should have been “Scrapped” long before. However, the previous Government not only deliberately kept this “Illegal and Unconstitutional Project” alive but also wasted crore of “Hard Earned Public Money” on a Project that is clearly Illegal and Unconstitutional. Narendra Modi “Must Scrap Aadhaar Project” as well along with the Cabinet Committee on UIDAI, recommends Dalal.

Fortunately, the Constitutional Validity of Aadhaar Project has been questioned in the High Courts and Supreme Court of India. The Supreme Court has even held that Aadhaar Card/Number cannot be made mandatory for availing public services in India. The Supreme Court has also prohibited UIDAI from sharing biometric data with Indian Government Agencies without data owner’s consent. Even a Parliamentary Committed rejected the proposed National Identification Authority of India Bill 2010 finding it “Inadequate and Unsuitable”, informs Dalal.

Fortunately, the Modi led government has considered the suggestions of experts like Dalal and it is now considering scrapping the Aadhaar project altogether. The intent of the Modi led government to take such a move was apparent when Prime Minister Modi decided to discontinue the previous government’s Cabinet committee on the Unique Identification Authority of India.

“As the UIDAI has no legal backing, a decision would soon be taken to scrap it and in its place the entire exercise would be handed over to the NPR, which will not only provide Unique ID number to a person but also establish bonafide citizenship," sources said. However, the NPR exercise has its own “Demerits and Constitutional Issues” and they must be resolved first, warns Dalal.

Monday, June 9, 2014

Mandatory Or Effective Legal Framework For E-Governance Is Needed In India Says Praveen Dalal

E-governance cannot be attained till policy level changes are made in India. We have no dedicated e-governance law in India and some provisions pertaining to e-governance have been incorporated in the Information Technology Act, 2000 (IT Act 2000). However, these provisions are not only defective but they are grossly inadequate according to Praveen Dalal, Managing Partner of Perry4Law and the Leading Techno-Legal Expert of India.

Dalal believes that India needs to repeal the IT Act, 2000 and enact appropriate and dedicated laws pertaining to ecommerce, e-governance, cyber law, cyber security, cyber forensics, telegraph and other similar fields. Presently all these areas have been stuffed into a single law known as IT Act, 2000. This has resulted in lack of a specialised legal framework for all these fields.

Even the Department of Telecommunication (DoT) believes that the IT Act 2000 must be replaced by a more suitable law. This seems to be in conformity with the suggestions of Dalal regarding repeal of Telegraph and Cyber Law of India.

As far as e-governance is concerned, we have no legal framework that requires mandatory e-governance services in India. As a result Indian government departments have nothing to loose even if they deliberately fail to comply with e-governance requirements suggests Dalal. For instance, most of the e-governance projects of India under the national e-governance plan (NEGP) are still in the pipeline despite the deadline being passed long before. This is despite the fact that thousand of crores of public money has already been utilised for e-governance projects of India but without any constructive and practical results.

This is happening because although the IT Act 2000 carries provisions pertaining to e-governance services in India yet they are “non mandatory” in nature. This has resulted in a poor e-governance services delivery in India. Till now we have no legal framework that mandates that citizens and organisations can claim e-governance as a matter of right, informs Dalal. There are many reasons for the failure of e-governance projects of India and an effective, time bound and accountable implementation alone can make Indian e-governance initiative successful, suggests Dalal.

Further, the scope of NEGP is very wide covering almost all aspects of governance - right from delivery of services and provision of information to business process re-engineering within the different levels of government and its institutions. It is essential that NEGP is implemented, monitored and regulated through a legal framework so that it is no more just a plan but reality. For instance, access to justice for marginalised people in India cannot be a reality till e-courts and online dispute resolution (ODR) are suitably and urgently introduced in India. Till June 2014 we are still waiting for the establishment of first e-court in India.

According to Dalal while implementing the NEGP, various structural and institutional issues have already arisen which clearly call for a statutory mandate for their resolution. The purpose would be to give statutory mandate to the institutional entities, setting up of a separate fund, defining responsibilities and providing for time frames and oversight mechanisms. According to Perry4Law, this legislation may, inter alia, contain provisions regarding the following:

(a) Definition of e-governance in the Indian context, its objectives and role,

(b) Coordination and oversight mechanisms, support structures at various levels, their functions and responsibilities,

(c) Role, functions and responsibilities of government organisations at various levels,

(d) Mechanism for financial arrangements including public-private partnership,

(e) Specifying the requirements of a strategic control framework for e-government projects dealing with statutory and sovereign functions of the government,

(f) Responsibility for selection and adoption of standards and inter-operability framework,

(g) Framework for cyber security, privacy protection, data security and data protection etc,

(h) Parliamentary oversight mechanism, and

(i) Mechanism for co-ordination between government organisations at Union and State levels.

The “hands off model” regarding e-governance in India has proved to be a big failure and a mandatory e-governance legal framework alone can bring successful e-governance services in India in the absence of a transparent and accountable government system, opines Dalal.

Sunday, June 8, 2014

Mandatory E-Governance Services In India Are Urgently Needed

This is the updated article of my previous post about the need to have a mandatory e-governance legal framework in India. There are many reasons why e-governance in India has miserably failed. According to legal experts, the “hands off model” regarding e-governance in India has proved to be a big failure. They believe that a mandatory e-governance legal framework alone can bring successful e-governance services in India in the absence of a transparent and accountable government system.

Legal framework for mandatory e-governance services in India is long due. If we make e-governance service optional or discretionary, the whole purpose would be defeated. This is the reason why we need time bound and accountable e-governance based public services in India. Keeping this objective in mind, the central government formulated the draft electronic delivery of services bill 2011 (EDS Bill 2011). The EDS Bill 2011 intends to provide delivery of government services to all citizens by electronic means by phasing out of manual delivery of services delivered by the government including matters connected therewith or incidental thereto.

The Bill if made a law would require complete overhaul of the present e-governance infrastructure and services delivery mechanism of Indian government. However, the real problem with Indian e-governance initiative is that legal framework for mandatory electronic delivery of services in India is missing, says Praveen Dalal, Supreme Court lawyers and Managing Partner of India’s exclusive techno legal law firm Perry4Law.

Till now there was no provision under which citizens could ask for mandatory electronic delivery of services by the government. After the Bill becomes an enforceable law, the Indian Government may be under an obligation to mandatorily provide electronic services to its citizens, opines Dalal.

It is obvious that Indian e-governance services cannot be successful till there is a mandatory compliance requirement attached to them. Alternatively, the administrative system of Indian government must be streamlined so that they voluntarily adopt and implement e-governance projects that have been avoided so far.

Friday, June 6, 2014

Can Narendra Modi Government Ensure Privacy To Indians?

Privacy is a sacrosanct civil liberty that no nation can take it for granted. Yet most of the nations, including India, have been taking privacy for a ride. Till date we have no dedicated privacy law in India and this has made Indian citizens vulnerable to various forms of civil liberties violations in both online and offline worlds. To add further miseries to this situation we have draconian laws like telegraph and cyber law that deserve immediate repeal.

India’s love for e-surveillance is also well known. We have unconstitutional projects like central monitoring system and Netra that are operating in India without any procedural safeguards and parliamentary oversight. The latest to add to this list would be the national intelligence grid (Natgrid) project that has been taken up once again by Narendra Modi’s government. However, Natgrid project is a useful project as well provided it is made accountable to parliament of India.

Modi government needs to understand well the importance of civil liberties in cyberspace like privacy right, speech and expression right, etc. The government must also understand that privacy rights in the information era require a mature and well reasoned approach. It has to do what no other Indian government has done so far. Modi’s government would be required to formulate an e-surveillance policy of India that incorporate various issue in a holistic and comprehensive manner.

There is no doubt that big brother in India has been listening and watching for long but while doing so it must not exceed its limits. Unfortunately, the big brother has been transgressing upon all constitutional rights and procedural safeguards till now. Vodafone has also confirmed that governments across the world, including Indian government, have forced it and other telecom companies to install secret wires for e-surveillance purposes.

This is really unfortunate as our own government is violating our civil liberties that it was supposed to protect. According to privacy advocates, the digital life of Indian citizens is not at all safe and is open to various forms of e-surveillance and eavesdropping. In the absence of support form Indian Government, self defence is the only viable option left before Indian citizens to safeguard their digital lives. Let us hope that the Modi government would not force its citizens to adopt self defence measures.

Natgrid Must Be An Accountable Project Says Praveen Dalal

Even after more than 5 years of launch of the Natgrid project of India, the same has remained a non starter only. Despite spending many crore upon this crucial project, it has remained a failure only. There is no doubt that the successful implementation of Natgrid project depends upon numerous factors that are techno legal in nature. According to experts in this field, the Natgrid project of India needs techno legal implementation to be successful. Till now the Natgrid project has failed to address both technological and legal issues pertaining to the project.

Media reports have confirmed that Raghu Raman, the former CEO of Natgrid, would not be able to continue with the project as his contractual term has come to an end. Indian government is considering a new CEO for the Natgrid project. Obviously, the policies regarding Natgrid would also change and so would be its implementation strategy.

So what are the factors that have resulted in the failure of Natgrid project of India?  According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of Asia, NATGRID is an essential requirement for robust and effective intelligence agencies and law enforcement functions in India. The only requirement is to ensure that its abuses can be anticipated, prevented and remedied.

However, NATGRID cannot survive in the absence of “Political Will” to make it an effective and responsible tool. With the benefits of NATGRID come the issues of accountability and fairness in its operation. India must formulate adequate “Safeguards” before making NATGRID functional. The NATGRID project must not die like the other projects handled by India from time to time, opines Dalal. It seems the Natgrid project lacked all these attribute and this is the reason why it failed.

Lack of accountability and transparency are also responsible for poor intelligence related project implementations in India. According to Dalal “the Intelligence Agencies of India Need Parliamentary Oversight and the Intelligence Infrastructure of India needs Transparency and Strengthening. There should not be any “Legal Immunity” to Intelligence Agencies of India in the absence of Parliamentary Oversight and the system of “Using Executive Orders” to confer “Legitimacy” upon Intelligence Agencies must be abandoned as soon as possible by the Government.

There are crucial policy and legal issues of Natgrid project that previous government failed to notice. In fact, from the working of the previous government it is clear that it never wished to confer any legitimacy to law enforcement and intelligence agencies of India. This must be avoided by the BJP led government. 

As per the current home ministry’s  proposal, Natgrid will connect data providing organisations and users besides developing a legal structure through which information can be accessed by the law enforcement agencies. So there are some hints towards making Natgrid accountable towards Indian parliament. But only time will tell how Natgrid project would be handled by the new government.

Sunday, June 1, 2014

Congress Unhappy Over Misra’s Ordinance But Would Not Challenge It In Parliament

The ordinance pertaining to appointment of Nripendra Misra as Principal Secretary in the Prime Minister’s Office (PMO) witnessed some heated debate between various politicians. However, the constitutionality of this ordinance has still not been discussed by media or any political party so far. So the natural question that arises is whether the appointment of Nripendra Misra by Narendra Modi government is constitutional or not?

There is little debate in the media circles and political parties regarding the constitutionality of the ordinance in question. However, according to Praveen Dalal, partner at New Delhi based ICT law firm Perry4Law, “Prima facie this Ordinance has been promulgated in conformity with the Constitutional requirements and there are little reasons to agitate against the same. However, the allegations of “Political Impropriety” cannot be ignored in these circumstances”.

“The only thing that remains to be seen is what “Potential Benefits” the appointment of Mr. Misra would bring in these circumstances. Nevertheless, no “Constitutional Infirmity or Illegality” can be attributed to this Ordinance as on date”, opines Dalal.

This may also be the legal position as the Congress party is not challenging the legality or constitutionality of this ordinance. According to media reports, although the Congress party is “unhappy” with the ordinance to appoint Misra yet it is unlikely to vote against it in Parliament. This is also the most appropriate reaction and approach of Congress towards this issue as the capabilities of Misra is not in dispute.

The main contention of Congress is that the BJP, when in the opposition, had opposed several ordinances of the Congress-led government. Even so, it is not likely to oppose the ordinance when this comes for ratification before Parliament next week.