The government has proposed to provide a new unique identification number to eight crore BPL households, or approximately 40 crore people, for its new insurance scheme, National Health Protection Scheme (NHPS). The idea of a new unique number, according to a senior health ministry official, stems from the facts that not everyone is enrolled in Aadhaar and no one should be denied services for want of Aadhaar.

Wait… Wasn’t this one of the purposes of the $3.5 billion scheme that is the Unique Identification (UID) or Aadhaar, that not all Indians have an identification document and no one should be denied services for want of one?

Faulty implementation

Nothing shows the failure of Aadhaar implementation better than the fact that a ministry (here, health) is branching out from the system to provide unique numbers of its own. Its implementation has been faulty to say the least. Enrolment is patchy: dusty centres where humidity bars the machine from taking fingerprints are a far cry from what these centres were envisaged to be. These shady centres charge anywhere between '150-800 for one enrolment, depending on how soon you want your number. This is when the government has promised free enrolment and is paying commission to the centres for the job.

Aadhaar was not created to simply fill a gap in the current identification system. There were many identification documents in India, and providing easy access to any one or two of them could have improved the situation. Aadhaar was made for data collection and tracking. In its paper on public health in India, Unique Identification Authority of India (UIDAI) has claimed that many health-related policies fail because there is no way to track health data. Because of this lack of information, vaccination graph has stagnated at 55 percent, and only 52 percent women go through antenatal checkups, while only 42 percent deliver in hospitals. Lack of a system to connect and track medical records is a lacuna in creating and implementing policies in the Indian health sector.  The same paper argues that linking Aadhaar with Rashtriya Arogyashri Yojana would partially help in tracking health data and checking the spread of epidemics. The Rashtriya Swasthya Bima Yojana, which though has enrolled only 5.4 million individuals in 370 districts and 18 states, would also greatly enhance the capacity of the government to analyse health data for making better policies and improving the existing ones.

Aadhaar was created as this connecting mechanism to provide trackable data to the government not only in health but also in PDS, financial inclusion, employment and education.

The ‘new’ unique health identifier

The proposed new identifier for health will identify ‘ghost beneficiaries’ in the system. In 2008, the same argument was given by Nandan Nilekani and the UPA government for introducing Aadhaar. As far as collecting, analysing and tracking data on health are concerned, the new identifier will only work for BPL households and like many other data silos, would not capture the bigger health picture. For example, without any link between this unique identifier and Aadhaar, it would not be possible to understand the impact of health policies or of chronic diseases on the BPL population. It would be a colossal waste of money if this number was created only for identifying ghost beneficiaries. The government looks a little daft in introducing a whole new identification system because it cannot be sure if the previous one (with the same benefits and promises) works or not. It is also duplication of efforts and money when the UID is already present.
Moreover, rules regarding privacy are probably still to be drafted in the health identifier. Privacy and data protection needs to be absolute here because of the nature of sensitive data – medical records – that it holds. The Aadhaar security mechanism has been built with millions of dollars and is claimed to be unhackable. We wonder if the same amount of money would be spent on this identifier as well.

While absolute privacy is not guaranteed anywhere, the lack of redressal mechanisms in case of a data breach makes India a scary place.

As of now, we have sections 43A and 72A of the IT Act 2008. Section 43A talks about compensation for data misuse or wrongful breach and implementation of security mechanisms for data in any organisation. 72A deals with employees misusing their employer’s data or any third-party data. A privacy bill was introduced in 2011 and redrafted in 2014 but there is little clarity on its implementation.

According to Subhashis Banerjee, professor, computer science, IIT Delhi, a better and more efficient system would be to have local IDs for different verticals such as health, education, PDS, and they all be connected to a national unique identifier like Aadhaar. This would help gather and analyse data across domains that will provide valuable knowledge about India to help in policy making. As mentioned before, Banerjee argues that executing this new ID would be like redoing Aadhaar, but without the benefit of linking it across domains.

(The column appears in the September 16-30, 2016 issue)