In the last few years, India has moved closer to a more integrated digital health ecosystem, with extensive use of Aadhaar as a foundational identity layer. Proposals to either use Aadhaar for health ID systems or for integration of health records promise smoother patient journeys but raise potential issues concerning privacy, consent, discrimination, and data security. In early 2025, as pilot applications are rolled out on an increasingly broader basis, the level of discomfort rises.
This paper examines how the health record applications have been rolled out, the advantages, risks, and unresolved tensions appearing on the policy agenda. Health ID / Health Record VisionABHA / Ayushman Bharat Health Account: to the National Digital Health Mission (NDHM), ABHA accounts (digital health IDs) have been created for tens of millions; health facilities and health workers all register into the system separately.
Health records under ABDM now number over 52 crores (520 million) as of late April 2025. The vision for the record system is that patients will be able to use their health IDs and Aadhaar number to transport electronic medical records between hospitals and labs, and that patients will receive their health history directly to record, thus reducing repeated history taking at each health visit.
State health systems in Maharashtra, Kerala, and Telangana have instituted portals or apps pulling up patient records (labs, imaging, prescriptions) through the health ID and/or Aadhaar link. Private hospitals and diagnostic chains are beginning to onboard, which assists with having patients share medical record summaries across multiple facilities that they consent to use.
Health Passport for Women Based on Blockchain Technology: Algorand has launched a Digital Health Passport that integrates with Aadhaar and uses blockchain technology to store validated identity and health records (focusing on women in the informal economy, for instance).
Patients relocating or changing hospitals could carry their health history along (lab results, imaging, prescriptions) . This would limit repeated tests, speed up consultations, and ultimately reduce the risk of human error due to transcribing.
Anonymized data established through aggregating data may support epidemiological public health, disease surveillance (such as TB, diabetes clusters). Careful tracking of cohorts through government health programs (immunization, maternal care) to check in on populations will have substantial accuracy.
If we assume that lower-grade administrative costs are incurred for health care visits (scanning, data storage, scanning for copies, transferring data, these administrative costs are now reduced in the acquisition process. Diagnosis confirmation is now less likely when data duplication is reduced (and requesting past health history, records access, or historical data is done more efficiently).
Patients may consent (The digitized health passport allows just portions of health data to be shared (for example, imaging only and excluding other mental health) — Patients may be able to consent to have records viewed by specific researchers or in academic programs by type). Dashboards in apps will inform patients when their records have been accessed by any entity.
If health records are linked to Aadhaar (as universal identification), there is a heightened risk to the patient’s health data (whether identified or de-identified) of profiling, stigma, and discrimination as a possible consequence if data are disposed of inappropriately. Health data is extremely sensitive, and even de-identified health data can easily be made identifiable through the current ease of correlating separate pieces of information collected.
How granular is consent? Can patients revoke authorization? Are there default privacy settings that are protected from community use, or do they not permit access? Will low and marginal-literacy-skilled populations seek out, provide informed consent, and comply with proper health data use?
Databases are alluring targets. Weak security or vulnerabilities in insiders and providers pose a risk. Chain of custody: records flow through hospitals, labs, and APIs; every node in this flow must be secured.
Not all patients may have Aadhaar or mobile connectivity; aka, failing to provide their biometric information or ultimately Aadhaar-health ID mapping, may likely lead to health ID exclusion.If linkage is required, patients without an identity or with faulty Aadhaar-health ID linkage would be refused service.
Use of proprietary EHR and/or information systems may impede interoperability if the data has not been broadly standardized. If certain vendors build out the infrastructure, switching costs will be high.
India’s Personal Protection Act (when passed) needs to create a classification of health data, a state to collect and/or process it, and some penalties for infringing on the norms. There is also the gap of defining, regardless of classification, the sovereign state of health data, mechanisms for cross-border requests, and a mechanism of appeal.
Stakeholder Positions: Advocates (Govt, many physicians, leadership in public health organizations): see the pairing of the Aadhaar solution + health ID as the backbone of the 21st-century health systems.
Privacy advocates/civil society: caution that some, though normally considered private, health data is particularly sensitive data; there are some minimum requirements for safeguarding health data before it can be considered sufficiently protected.
Hospitals/labs: Despite their general support for the adoption of EHR and/or information systems, all are concerned about the cost of compliance, the pain/integration costs of the existing health information system, and the existing liability they would incur from a new health ID information system.
Patients/citizens: generally positive about the idea of adopting a public health (or ) information system at the individual level, with some hesitancy on misuse of their information and/or the potential for information to come into the public domain.
In Algorand’s health passport project, blockchain is promoted as improved, tamper-proof storage, with audit tracking. Pilot users were uncomfortable with consent defaults. For example, “if I don’t actively opt out, then my records are shared very broadly.”Privacy scholars express concern that linking health profiles with identity will enable discrimination in insurance (risk scoring), stigmatization (e.g., mental illness, HIV), or result in surveillance.
Aadhaar-linked health records suggest a promising vista in health data use: continuous care, effectiveness, and public health at the level of data storage, use, and analysis. But there are risks: privacy, consent, inclusion, and trust, for example, must not be an afterthought to the process.
As India begins another phase of experimentation with Aadhaar- health records in 2025, it is essential to respect patient rights and govern patient trust as the following phase continues to build on the technical aspects of implementation. If done right, the combination of Aadhaar and health ID innovation could completely change medical care; if done poorly, it may undermine trust in the innovation.
