Leaking health information may land you in prison

Leaking health information may land you in prison

Leaking health information may land you in prison

According to the new Privacy Bill, 2011, which is slated to be tabled in Parliament during the forthcoming session, any health information of any citizen of India collected with his consent shall be kept by the person till the time the individual wants and later it should be returned or destroyed.

Under the provision in the draft Bill that has 94 sections, no person or officer of the government shall collect health information in respect of an individual so as to reveal in public his health information thus adversely affecting his right to privacy.

"Whosoever discloses in public, the health information in respect of any citizen of India in contravention of the provisions of this Act, shall be punishable for such offence with imprisonment for a term which may extend to six months or with a fine which may extend to Rs one lakh, or with both," the Bill said under its Health Information Privacy.

The Bill proposes that any health information of any citizen of India collected with his consent or authorised under law shall not be revealed in public.

Health Information Privacy is part of the various measures proposed in the Bill which proposes among other things stringent punishment, including revocation of licences of telecom service providers, for illegally intercepting telephone calls and making their content public.

It also includes a punishment of a prison term of five years for people indulging in unauthorised spying on any individual.

While illegal snooping or interception can land a person in jail for a period of five years and a fine up to Rs one lakh, people involved in circulation of an intercepted
communication or any other personal information shall be punished with a prison term of three years and with a fine up to Rs 50,000.

The Bill also proposes to set up a Data Protection Authority of India (DPAI) to monitor and enforce compliance of all provisions and receive and investigate complaints about alleged violations of data protection rules.

DPAI will probe any data security breach and issue appropriate orders as may be required to safeguard security interests of all affected individuals with regard to personal data that has or is likely to have been compromised by security breach.

The proposed authority shall consist of a chairperson and not more than two members who have special knowledge and professional experience of data protection, industry, finance, law management and consumer affairs and the selection shall be done by the government.

Taking a tough stand against government officers, the Bill proposes that "where an offence under this Act has been committed by any department of the Government, the Head of the Department shall be deemed to be guilty of the offence and shall be liable to be proceeded against and punished accordingly unless he proves that the offence was committed without his/her knowledge or he/she exercised due diligence to prevent the commission of such offence."