The Consent Manager in Ayushman Bharat Digital Mission (ABDM) puts patients in full control of their health data. It is a mandatory, secure mechanism that requires explicit patient consent before any health record is shared between providers, labs, hospitals, or apps ensuring privacy, transparency, and trust in India’s digital health ecosystem.
Glimpse:
Every time a doctor, hospital, lab, or health app wants to access or share a patient’s records via ABDM, they must first request consent through the patient’s linked Consent Manager. The patient receives a notification (via ABHA app, SMS, or email), reviews the purpose, duration, and data scope, and grants or denies consent. Consent is time-bound, purpose-specific, granular, revocable at any time, and fully auditable making ABDM one of the most patient-centric health data frameworks globally.
The Ayushman Bharat Digital Mission (ABDM) is built around the principle that patients own their health data. The Consent Manager is the cornerstone of this model it is the digital gatekeeper that enforces patient choice every time health information flows across the ecosystem.
Here’s how patient consent actually works in practice:
1. Linking Records When a patient creates an ABHA (Ayushman Bharat Health Account), they link their records from hospitals, labs, clinics, and wearables. No linking happens without explicit consent.
2. Consent Request Whenever another entity (doctor, hospital, diagnostic lab, insurance company, health app) wants to access or push data into the patient’s ABHA, they send a consent request via the ABDM network. The request clearly specifies:
- What data is needed (e.g., last 6 months lab reports)
- Purpose (treatment, consultation, second opinion, insurance claim)
- Duration of access (e.g., one-time, 30 days, 1 year)
- Who will access it
3. Patient Notification & Decision The patient receives an instant notification through:
- ABHA mobile app
- Registered mobile number (SMS)
- Email (if linked)
The patient opens the request, reviews the details, and chooses:
- Approve (with or without modifications)
- Deny
- Approve only specific parts
4. Consent is Granular & Revocable Patients can limit consent to certain data types, providers, or time periods. They can also withdraw consent at any moment from the ABHA app immediately stopping further access.
5. Audit Trail & Transparency Every consent request, approval, denial, and revocation is logged immutably. Patients can view their complete consent history anytime in the app, including who accessed what and when.
6. Emergency Access In life-threatening emergencies, providers can request “break-glass” access, but it is flagged, time-limited, and must be justified and audited afterward.
This consent architecture aligns with the Digital Personal Data Protection Act (DPDP) 2023 and global privacy standards. It ensures that data sharing is always patient-initiated or patient-approved, never automatic building trust in digital health while enabling seamless care continuity, telemedicine, and analytics.
The Consent Manager is available through ABDM-registered apps (e.g., ABHA app, Aarogya Setu, state-specific apps) and is free for patients.
“With the Consent Manager, the patient is not just a participant they are the decision-maker of their own health data.”
By
HB Team
