Overview
Practo is India’s largest healthcare platform connecting patients with doctors, offering teleconsultation, medicine delivery, lab tests, and health records storage. The platform processes the most sensitive category of personal data under DPDP: health information including diagnoses, prescriptions, medical histories, and doctor-patient communications.
DPDP Readiness: Section-by-Section Analysis
Section 6 — Consent & Notice ⚠️
Practo collects health data under a single consent framework:
- Medical history and health records
- Doctor consultation notes and prescriptions
- Lab test results
- Medicine purchase history
- Health condition searches and symptom checker usage
DPDP concern: Health data requires the highest consent standard. Users searching “diabetes symptoms” may not realize that search data is stored and potentially used for targeted health product recommendations.
Gap: No separate consent for health data storage vs. sharing with partner pharmacies/labs.
Section 7 — Certain Legitimate Uses ⚠️
Healthcare delivery requires processing health data. However:
- ✅ Connecting patients with doctors — legitimate
- ⚠️ Health product recommendations based on consultation history — overreach
- 🔴 Sharing health profiles with pharmaceutical partners — requires explicit consent
- 🔴 “Analytics and research” on health patterns — even anonymized, requires careful handling
Section 8 — Obligations of Data Fiduciary ⚠️
Practo shows healthcare awareness with security measures. However:
- No specific mention of health data encryption standards
- Telemedicine video consultation storage and protection unclear
- Multi-party access (doctor, pharmacy, lab, insurance) creates exposure
- No data protection impact assessment reference for high-risk health processing
Section 9 — Data Retention 🔴
Critical gap for healthcare: No specific retention timelines for:
- Doctor consultation records (should follow MCI guidelines: minimum 3 years)
- Prescriptions (pharmacological records)
- Lab test results
- Health records stored on Practo’s PHR
- Telemedicine session recordings
- Symptom search history
Medical data is perhaps the only data category where both minimum AND maximum retention need specification.
Section 11 — Rights of Data Principal ⚠️
- Can users request deletion of their entire health record? What about statutory retention requirements?
- No portability mechanism for health records to another platform (critical for patient empowerment)
- No nomination rights — especially important for healthcare (what if a patient becomes incapacitated?)
- No mechanism to control which doctors/pharmacies have ongoing access
Section 12 — Right of Grievance Redressal ⚠️
Grievance officer exists. No DPB escalation path. The intersection of medical ethics and data protection complaints needs clearer handling.
Section 16 — Cross-Border Data Transfer ⚠️
Cloud infrastructure may transfer health data internationally. For health information, this is particularly sensitive — many jurisdictions have specific health data localization requirements.
Risk Assessment
| Category | Risk Level | Potential Impact |
|---|---|---|
| Regulatory fine | Critical | Up to ₹250 Cr — health data = highest stakes |
| Health data consent | Critical | Medical data processed under general consent |
| Data retention | Critical | No timelines for highly sensitive medical records |
| Multi-party sharing | High | Doctors, pharmacies, labs, insurance — each a risk point |
| Telemedicine data | High | Video consultations = audio-visual health data |
| Data portability | High | Health record lock-in violates patient rights |
The Healthcare Data Trust Challenge
Healthcare platforms carry a unique responsibility:
| Data Type | Harm Potential if Mishandled |
|---|---|
| Chronic condition records | Insurance discrimination, employment bias |
| Mental health consultations | Social stigma, relationship impact |
| STD/reproductive health | Extreme personal sensitivity |
| Prescriptions | Drug use inference, substance dependency |
| Genetic/family health history | Multi-generational privacy implications |
Practo holds all of these. DPDP compliance isn’t just regulatory — it’s a trust imperative.
Recommendations
- Implement health-specific consent layers — Separate consent for consultations, health record storage, pharmacy sharing, lab sharing, and marketing
- Define medical data retention schedule — “Consultation records: 3 years per MCI; prescriptions: 5 years; symptom searches: 90 days; teleconsultation videos: 90 days post-consultation”
- Build health data portability — Allow patients to export complete health records in standard formats (FHIR/HL7)
- Add nomination mechanism — Critical for healthcare — allow patients to designate someone who can access records if incapacitated (Section 14)
- Implement access transparency — Show patients exactly who has accessed their health records and when
- Deploy enhanced security for health data — Health data encryption at rest and in transit with AES-256 minimum, separate from general platform data