In its commitment towards Sustainable Development Goals, India envisages comprehensive primary health services as a key pillar in achieving universal health coverage. Embedded in siloed vertical programmes, their lack of interoperability and standardisation limits sustainability and hence their benefits have not been realised yet. We propose an enterprise architecture framework that overcomes these challenges and outline a robust futuristic digital health infrastructure for delivery of efficient and effective comprehensive primary healthcare. Core principles of an enterprise platform architecture covering four platform levers to facilitate seamless service delivery, monitor programmatic performance and facilitate research in the context of primary healthcare are listed. A federated architecture supports the custom needs of states and health programmes through standardisation and decentralisation techniques. Interoperability design principles enable integration between disparate information technology systems to ensure continuum of care across referral pathways. A responsive data architecture meets high volume and quality requirements of data accessibility in compliance with regulatory requirements. Security and privacy by design underscore the importance of building trust through role-based access, strong user authentication mechanisms, robust data management practices and consent. The proposed framework will empower programme managers with a ready reference toolkit for designing, implementing and evaluating primary care platforms for large-scale deployment. In the context of health and wellness centres, building a responsive, resilient and reliable enterprise architecture would be a fundamental path towards strengthening health systems leveraging digital health interventions. An enterprise architecture for primary care is the foundational building block for an efficient national digital health ecosystem. As citizens take ownership of their health, futuristic digital infrastructure at the primary care level will determine the health-seeking behaviour and utilisation trajectory of the nation.
- health systems
- public health
Data availability statement
There are no data in this work.
This is an open access article distributed in accordance with the Creative Commons Attribution Non Commercial (CC BY-NC 4.0) license, which permits others to distribute, remix, adapt, build upon this work non-commercially, and license their derivative works on different terms, provided the original work is properly cited, appropriate credit is given, any changes made indicated, and the use is non-commercial. See: http://creativecommons.org/licenses/by-nc/4.0/.
Statistics from Altmetric.com
If you wish to reuse any or all of this article please use the link below which will take you to the Copyright Clearance Center’s RightsLink service. You will be able to get a quick price and instant permission to reuse the content in many different ways.
Portability of health information is critical for ensuring continuum of care and improving health outcomes at the primary care setting.
Digital health tools to strengthen primary healthcare services are widely implemented across vertical healthcare delivery programmes in many low and middle-income country settings including India.
Stand-alone mHealth applications have been deployed across vertical programmes for non-communicable diseases, tuberculosis and maternal and child health, under the National Health Mission in India.
The wider benefits of digitisation of the primary healthcare services have not been fully realised due to lack of interoperability, standardisation and scalability of these applications.
Efficiency, quality and coverage can be significantly enhanced when digital health infrastructure is implemented incorporating the core principles of an enterprise platform architecture covering four platform levers to facilitate seamless service delivery, monitor programmatic performance and facilitate research in the context of primary healthcare.
An enterprise architecture framework that addresses these key requirements and envisages a futuristic platform approach for a robust digital health infrastructure that would serve as a backbone for delivery of efficient and effective comprehensive primary healthcare.
A federated architecture as proposed taking into consideration the local contexts that vary across the different states will enable scalability through standardisation best practices and decentralisation techniques in the context of comprehensive primary care through the health and wellness centres thereby contributing to the essential building blocks of the national digital health infrastructure.
Primary healthcare (PHC) entails the provision of holistic person-centred services comprising health promotion, disease prevention, health maintenance and the diagnosis and treatment of acute and chronic illnesses, to help maintain physical, mental and social well-being.1 Evidence from low and middle-income countries (LMIC) demonstrates that strengthening PHC results in improved health outcomes, and helps achieve universal healthcare.2 3
The universal delivery of primary care is hampered by human and material resource constraints that can be substantially mitigated by strategic application of technological solutions. LMICs like India have been challenged with low investment,4 insufficient human resources with only 20.6 doctors per 10 000 population, of which 70% are employed in the private sector.5 This is exacerbated by low digital literacy and infrastructural issues.6 7
Globally, we have seen the development of meaningful electronic data platforms that can support a range of services including universally accessible personal health records for patients, consolidated diagnostic reports and decision support tools for providers, quality improvement data for administrators and critical epidemiological data to public health practitioners.8 However, fragmentation of the solution space, lack of scalability, limited configurability and weak security and privacy frameworks limit the potential of technology in advancing comprehensive PHC in India.9 10
India’s flagship health scheme, Ayushman Bharat, seeks to deliver comprehensive PHC through a package of 12 distinct primary health services offered at 150 000 health and wellness centres (HWC) across India.11 These services are delivered via a range of vertical programmes each with varying levels of information technology (IT) development.12 The national IT solutions for reproductive and child health (RCH), non-communicable diseases (NCD) and tuberculosis (TB) replicate the silos of their parent programmes. This fragmentation places a heavy burden on health workers by duplicating data collection and reporting. It precludes the patient or provider from having access to a comprehensive picture of the patient’s health.13
A plethora of technology pilots across health systems in India have exacerbated the fragmentation and have proved to be highly unsustainable.9 14 App developers spend significant resources on duplicating foundational components like facility and user registries, authentication protocols and collecting consent which are neither standardised nor easily available. The lack of reliable internet connectivity necessitates all software solutions to support offline functioning which exponentially increases their technical complexity. The sheer volume of patients and providers warrants high-performance, scalable systems fit for concurrent use by tens of thousands of users.
Health system structures and workflows along with clinical protocols are also constantly evolving and are continually modified to suit the unique administrative context and needs of local governments. Most digital health solutions are not engineered to adapt rapidly to dynamic changes. Rigid, non-standardised, proprietary architectures also preclude the decentralised configuration required to support the heterogeneity of health systems across Indian states.15
Traditional security and privacy-preserving measures are rendered ineffective by advances in data science and machine learning.16 17 The designing, building and maintenance of secure privacy-preserving databases for millions of users is expensive and beyond the scope of small technology companies that may have very innovative solutions to offer for individual or population health.18 In summary, the ad hoc, non-standardised and fragmented nature of health technology solutions is duplicative and wasteful, and unsustainable due to heavy costs associated with maintaining the agility, capacity and security required at scale.19
In this paper, we describe how India’s evolving digital health ecosystem, including the National Digital Health Mission (NDHM) and public health platforms (that many of us are directly involved in designing and implementing), seeks to address the challenges of fragmentation, scalability, configurability and privacy.
Enterprise architecture: a platform thinking approach
The inefficiencies and risks posited by the current fragmented health IT landscape can be addressed by adopting a systemic platform approach. Platforms, as described below, provide a stabilising framework responsible for maintaining governance mechanisms which include standards, interfaces and rules to support a dynamic ecosystem of autonomous complementors (third-party actors, like vendors) and consumers (eg, providers, patients or payers).20 21 Disparate vertical programmes can then all plug into the platform, provided they adopt standards, use of common nomenclature and shared single sources of truth (SSOT) registries.22 A modular design allows individual components of the system to be upgraded or exchanged without cascading effects on the entire system.
Platform ecosystems are not new to India; the universal ID programme, Aadhaar, and related fintech advances including the universal payment interface and the consent manager framework that allows for asynchronous authentication of payments, execute millions of transactions daily.23 Similar federated plug-and-play architecture undergirds the framework prescribed by India’s NDHM to ensure authenticated universal information access across various care settings enabling transition of care.21 We describe below how components of a nascent digital platform ecosystem in India specifically for primary health will help address the challenges we discussed.
From fragmentation to integration: developing standards and interoperability
A platform approach allows a wide range of actors to participate in curating, applying and exchanging data provided they can identify each other and communicate via a shared language. Electronic Health Records (EHR) standards of Ministry of Health and Family Welfare that covers health data and metadata interchange standards like Systematized Nomenclature of Medicine (SNOMED), International Classification of Diseases 10th Revision (ICD-10)/ICD-11, Logical Observation Identifiers Names and Codes (LOINC) and Health Level 7 (HL7)/Fast Healthcare Interoperability Resources (FHIR) must be adopted.24 Intervention and care protocols may also be exposed as FHIR bundles in line with Computable Care Guidelines standards.25 Linking health data transactions across systems requires common identifiers for both patients and providers, the generation of which is likely to be particularly challenging in India given lack of updated databases of registered providers, and uncertainty around identity systems in the context of India’s evolving privacy and data protection policies.26
Individuals across the socioeconomic spectrum seek primary care across the public and private sectors, and often across state borders given the seasonal and annual migration patterns in India. Low health-seeking behaviour and socioeconomic deprivation however disrupt reliable and timely access to care. Without a common identifier, it is hard to compile a comprehensive medical history, facilitate referrals and even more hard to identify those that fall through the cracks entirely. It is also inefficient, requiring health workers to re-enrol beneficiaries in different health programme apps at the same facility.
The NDHM recently launched the Health ID to address these problems.21 The Health ID, linked to Aadhaar or mobile number, can be created by individuals themselves and provides the basis of integrating all their digital health records allowing seamless, consented sharing of health data between providers, laboratories and pharmacies. The health IT systems we have helped develop, Affordable Medicines and Reliable Implants for Treatment (AMRIT),27 Technology Enabled Community Health Operations (TeCHO+)28 and the national NCD (Digital LifeCare)29 system have their own unique identifiers which are being linked to NDHM Health IDs.
Most IT systems have registries for facilities and providers embedded within, and these grow organically, user by user, facility by facility, as the system adoption increases.30 31 Instead, there must be independent registries which are an SSOT, accessible and usable by all primary health programmes for interoperability. The registries should have open interfaces for ease of access by all ecosystem apps, be scalable for heavy loads and have clear processes for maintenance.32 The national identification number (NIN) for health facilities, an initiative of the Ministry of Health and Family Welfare, serves as the official basis of identification for all public health facilities today.33
TeCHO+ has a separate facility management module that uses the NIN to uniquely identify all the health facilities in its area of operation. Using this helped in better mapping of the RCH data collected at the state level with the national RCH monitoring system. AMRIT has leveraged state-based facility and health human resource registries which helps to uniquely identify the workforce and triangulate resources during referrals. Also, AMRIT has integrated with India’s TB platform to manage drug adherence and identification of comorbidities among patients. NDHM architecture includes registries for all healthcare providers, facilities and the first set of building blocks by NDHM include two registries, DigiDoctor for all registered doctors and the Health Facility Registry for all health facilities in the country.21
Integration between information technology systems
Integration has been attempted within well-defined programmatic frameworks. AMRIT, a platform for primary health interventions in resource-poor districts, currently serving 7+ million people (with an archived record base of 70+ million data points), has enabled vertical integration between front-line health workers and peripheral health facilities like HWCs, community outreach programmes through mobile medical vans and at first referral units which creates a longitudinal view of health information, handles escalations and creates referral pathways to help establish care continuum.27 Digital LifeCare, the platform built for the Government of India NCD programme targeting 500 million people, integrates apps across village, subhealth centre and primary and secondary-level facilities by adopting a cloud EHR tagged with a unique health identifier, role-based updation rights, e-referrals, centralised patient status and common registries.34 TeCHO+ serves over 60 million people across multiple health verticals in the primary care settings and enables longitudinal tracking of patient information using a unique ID between village health facilities, PHCs and across secondary healthcare facilities.28 Lateral integration across these systems will be enabled by the adoption of the common Health ID and health registries offered by NDHM. Figure 1 describes the platform approach to establish a continuum of care.
Distributed data and processing architecture as a pathway to scale
Pilots do not scale in India due to the daunting hardware and computing capacity required when expanding projects to serve tens of millions of persons served by each state health ministry. Power and internet connectivity challenges necessitate data collection, consent management, information exchange and updates to work seamlessly even while offline. The volume of health data transactions generated in a population of 1.3 billion people raises significant challenges of data consistency, 24×7 availability and scalability.
Intermittent power and connectivity
The TeCHO+’s distributed processing architecture allows a field health worker offline using a store-and-forward approach to mitigate the challenges of network fluctuations. A strong sync mechanism at the server uses advanced logic to manage the longitudinal record integrity to merge data about the same beneficiary coming from multiple offline devices in the field. Like TeCHO+, AMRIT uses a store-and-forward mechanism in its facility systems, mobile medical units or front-line worker systems, even enabling low-bandwidth teleconsultations. Clinical information collected via health helplines is used by the beneficiaries to get in touch with a doctor. These systems create a single longitudinal view of all beneficiary data resulting in a better health profile of people, community and district.
Distributed data architecture
Health IT platforms include a transactional system, with applications to conduct routine care operations and an analytics system, where the collected data are analysed to generate reports and dashboards. In the Digital LifeCare system, initially the data architecture for these two was unified and it worked up to 10 million beneficiaries. As the volume increased to 15 million, the application performance began to degrade. This problem was addressed by adopting a distributed data architecture approach so that the analytics module did not impact transaction performance for users. The functional separation of data collection, storage, integration, processing and visualisation is shown in the PHC example in figure 2. We will examine modules 2 and 4 which are key elements of a distributed data architecture.
Transaction datastore layer
The choice of database for transactional storage is based on the type and volume of data, storage duration, frequency of access, consistency and availability. PHC data consist of structured data (numerical values like height, weight, blood pressure, etc) which are stored in relational databases and unstructured data (X-ray images and free text) stored in object storage. Storage duration for archiving health records is based on policy which service providers need to comply with. For effective cost optimisation, frequently accessed health data can be stored in high-performance, but more expensive (hot) storage and other data can be stored in cheaper, slower performance (cold) storage.35 For large-scale transactional data storage systems like public health systems, consistency is critical as all users must have access to the exact same data at any given point in time. Systems must be always running and highly available; to achieve this, they are deployed with duplicate copies of data on additional servers in different data centres.
Distributed processing layer
Large-scale data warehouse systems require processing and storage to be distributed so they can provide dynamic updates to health administrators. Typically, in a distributed datastore, the data are partitioned by location, year or beneficiaries. If a health administrator wishes to compare screening data over 5 years, it requires data to be fetched from five different partitions. Partition design for smooth functioning even during network outage is very important for analytics systems.36 This separation of data layer and distributed processing is implemented in Digital LifeCare and is currently handling 100 million beneficiaries and can scale up to 500 million beneficiaries.
Plug-and-play model to allow configurability
A federated enterprise architecture allows a vast network of loosely coupled, semiautonomous entities to exchange information in a standardised secure manner.37 It fosters innovation by allowing easy development of apps on the platform and allows for modular expansion by its adherence to standards. A variety of patient apps can be developed that allow the individual to have a comprehensive view of her health record and track her visits, her wellness metrics and care regimen.
Dynamic configurability in TeCHO+ has ensured that the system is always primed for changes in policy or evidence-based protocol updates. Well-defined interconnections and dynamic configurability between systems enable a ‘plug and play’ approach for innovation, rapid development and ease of customisation. For example, AMRIT can easily plug in various point-of-care devices to help collect clinical data points at various health settings (static or mobile). Using these, front-line worker systems can connect to health facilities and make quick decisions using decision support systems, saving time in the urgent referral for the high-risk pregnant woman needing to see a specialist right away. In Digital LifeCare, a clinical decision support system for hypertension and diabetes has been plugged into the platform through standardised interfaces for use in one state while other states continue to use existing government protocols.
An open-source platform leads to stronger community participation for ecosystem innovations and sustainability. In all three platforms, the confidence in the platforms and willingness to adopt them were significantly higher as they were built on open-source technologies and were themselves public good open-source systems.
Authenticated, secure data exchange with privacy by design
According to the National Resource Centre for EHR Standards, the government (as a health provider) is only a custodian of health data while ownership lies with the individual.24 Digital LifeCare has a four-pronged security strategy as shown in figure 3.
Policy mandates that consent of an individual must be taken at the point of data collection and for sharing data with other systems. The consent must be free, specific, clearly given and revocable. The challenges with consent are twofold. First, consent is not necessarily informed or free from coercion given the inverted power asymmetries in many healthcare interactions, and second, the recording of consent is particularly constrained in low-resource settings where individuals may not have mobile phones, connectivity is poor or data are entered retrospectively from paper.
A core building block of NDHM is the consent manager which is designed to comply with government policies and frameworks including electronic consent framework (Technology Specifications v1.1) with its subsequent revision(s) published by Ministry of Electronics and Information Technology.38 Leveraging this, primary health platforms must additionally extend the consent framework to an offline first architecture using mechanisms like video, or a one-time password to capture consent electronically.38 Sample flow control is explained in figure 4.
Encryption and secure data exchange
The architecture of a large-scale health system must have robust security features designed into the system. Digital keys used in cryptographic functions must be safeguarded and periodically rotated. In Digital LifeCare, data are securely encrypted whether it is at rest or in transit within the system, using the best available encryption key strength.39 Secure transmission standards like HTTPS, TLS 1.2 and TLS 1.3 are adopted, along with digital signatures for ensuring authenticity of identity.
Authentication and authorisation
As digital ecosystems mature, it is imperative that access to data is role based in concordance with institutional policy and pertinent laws. As the COVID-19 pandemic has shown, it is still not a common practice or expectation that identities be masked from health data sets. To enable role-based access, Digital LifeCare platform authenticates user credentials through identity management and authentication services. Security features like strong password management, automatic logging off, CAPTCHA, access privileges and interface data validations are part of the platform.
To ensure accountability and transparency, all transactions should have a clear audit trail that records user identity, identifies the data sets accessed, with timestamps and transaction description.40 Audit trails should be available to authenticated users on demand or on a periodic basis for compliance monitoring as mandated by policy.
In comparison with other enterprise architecture frameworks,41 the framework being proposed here is for the unique context of LMICs like India. The framework needs to be able to scale up for health programmes that serve more than a billion people. It needs to be scalable and configurable to support last mile service delivery with close to a million field health workers and 150 000 subhealth centres from states with diverse administrative needs. Health systems in LMICs operate under severe resource constraints so the framework must be cloud based which requires lower investment and technology capability to manage. Finally, the poor connectivity in remote rural areas requires an architecture where data collection, consent management and secure data sharing need to work seamlessly in an offline mode.
We submit that a federated enterprise or platform approach for comprehensive PHC mandates standardisation and security while offering interoperability and customisability. It can scale exponentially by leveraging third-party solutions that can enhance engagement, user experience and efficiency, while relying on consent and privacy frameworks maintained by the platform.
This complementary approach allows for the vast heterogeneity in health system needs and capabilities across states in India, adapts to the dynamic and changing nature of both medical practice and public health policy and is responsive to local workflows and end user needs which are critical to strengthening primary health systems to advance the well-being of populations.
Data availability statement
There are no data in this work.
Handling editor Seye Abimbola
Twitter @oommen_john, @satchit_balsari
Contributors SN, OJ, MK, EN and SS conceptualised the paper. MK, EN, SV, DV and SS analysed the frameworks. SN, OJ, MK, EN, SV, DV, SS, HR and NG drafted and revised the paper. SB and VS provided critical feedback and revised the paper. All authors read and approved the final version of the manuscript.
Funding The authors have not declared a specific grant for this research from any funding agency in the public, commercial or not-for-profit sectors.
Competing interests None declared.
Provenance and peer review Not commissioned; externally peer reviewed.
Supplemental material This content has been supplied by the author(s). It has not been vetted by BMJ Publishing Group Limited (BMJ) and may not have been peer-reviewed. Any opinions or recommendations discussed are solely those of the author(s) and are not endorsed by BMJ. BMJ disclaims all liability and responsibility arising from any reliance placed on the content. Where the content includes any translated material, BMJ does not warrant the accuracy and reliability of the translations (including but not limited to local regulations, clinical guidelines, terminology, drug names and drug dosages), and is not responsible for any error and/or omissions arising from translation and adaptation or otherwise.