If you are a law student or a newcomer to the legal field, it is very common to scratch your head over these concepts. In this blog, we will not only explain the concepts of PHI and PII, but also dive into Indian laws to look for similar concepts in the Indian legal landscape.
PHI (Personal Health Information) is data associated with information about an individual's health. There is a list of 18 pieces of information that fall under the category of Personal Health Information. This data is often collected by medical practitioners or hospitals for providing better health services.
HIPAA, the Health Insurance Portability and Accountability Act, protects the PHI of an individual from being disclosed without his/her consent. Disclosure of personal data about an individual's health status can damage their insurability and employability, and can cause grave damage to their privacy.
It is natural to be curious about what elements can be considered PHI. This includes information such as medical diagnosis, medication history, information regarding insurance, Medical Registration number, billing, and even the name of the doctor who operated on the individual.
On the other hand, PII (Personally Identifiable Information) is data about the whereabouts of the individual, such as name, phone number, social security number, the number on the driver's license, and permanent passwords.
As the name itself suggests, PII is information about the individual, not their past, present, or future health information. PII is not protected by HIPAA but is secured by various other laws. It is used to specifically identify an individual and thus is protected by law.
You must have realized so far that these concepts are used in the United States of America, not in India. But wait, what about us Indians? Do we have any law or legislation that protects our Personal Health Information?
It is disheartening to break it to you that India does not have any particular Act which protects our health information. However, certain provisions of the Information Technology Act 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data) Rules 2011 deal with safeguarding personal health information.
There are a few precedents which further strengthen the claim of protection of health data of individuals. One such case is Balu Gopalakrishnan v. State of Kerala, where a set of 5 petitioners opposed a contract between the state of Kerala and a US-based software company called Sprinklr Inc. The petitioners feared that the company would collect sensitive health data related to Covid-19. The High Court, understanding the gravity of the matter, instructed the state to anonymize the data before transferring it to the company or any other third party. The court made it very clear that the consent of users must be obtained before collecting any data.
The Karnataka High Court in 2021 passed an interim order in the case of Anivar A Aravind v. Ministry of Home Affairs stating that it is a fundamental right under Article 21 for every individual's personal health information to be kept protected from any kind of exploitation.