Digital Backbone

The National Digital Backbone

Supporting these frontline “Mandirs” is a robust set of five digital pillars defined by the National Health Authority (NHA):

ABHA Number: The unique digital identity for citizens.
Health Facility Registry (HFR): The master database of verified healthcare facilities.
Healthcare Professionals Registry (HPR): The directory of verified doctors, nurses, and paramedical staff.
Unified Health Interface (UHI): The open protocol for digital health services (the “UPI of health”).
National Health Claims Exchange (NHCX): The gateway for seamless, paperless health insurance claims.

Identity, Verification, and Discovery: The “Triangulation” Model

True trust in the ABDM ecosystem is built by triangulating three verified sources of identity, complemented by secure storage and discovery layers.

1. Identity Triangulation

ABHA (Identity): Provides the persistent, across-the-board identity that anchors a citizen’s longitudinal health story.
HPR (Healthcare Professionals Registry): Ensures the provider is a verified health professional.
HFR (Health Facility Registry): Ensures the care is delivered at a verified health facility.

The Unique ABHA Constraint: One Person, One ID

A fundamental architectural rule of the national mission is the Uniqueness of the ABHA Number.

No Multiplicity: It is not possible for a single individual to have multiple ABHA numbers. The ID is a unique, life-long identifier anchored to a person’s identity.
Single Version of Truth: This constraint ensures that clinical records from fragmented visits are correctly routed back to the same longitudinal history, preventing data silos or duplicate profiles.

2. Verification & Agency

DigiLocker (Credential Verification): Acts as the secure, government-verified repository for static “credentials” (e.g., insurance policies, vaccination certificates, and academic degrees).
The PHR Storage Paradox: While DigiLocker provides 1GB of storage, this is insufficient for a lifetime of clinical-grade data (e.g., high-res imaging).
The “Google Pay” Model: Consequently, modern PHR applications are evolving into Discovery & Transaction Gateways. Just as Google Pay does not “store” your money, PHR apps discover records across diverse providers (“the banks”) and facilitate secure, consent-based exchange.

Data Ownership vs. Digital Lockers

A common governance misunderstanding involves the “ownership” of medical data:

Ownership: The Hospital (the fiduciary) remains the owner and custodian of the primary clinical record.
The Locker (Locker/PHR): Platforms like the ABDM Health Locker are not owners; they are secure gateways designed to provide the patient with agency over their own health history.

3. Discovery Layer (PHR/HIE)

Enables the real-time “discovery” and fetch of dynamic clinical records (e.g., lab reports, discharge summaries, and prescriptions) from disparate hospital nodes using a Link and Share model.

Patient Agency: The PHR Link Model

A core tenet of the ABHA ecosystem is empowering the patient as the primary orchestrator of their medical history.

The Push Mechanism: Instead of a central repository, the system uses a Link and Share model. Patients receive a digital link (via PHR apps like the ABHA app) to their clinical records for both Out-patient (OPD) and In-patient (IPD) care.
Longitudinal History: By linking these fragmented visits, the patient maintains a continuous, longitudinal health record that they can share with any clinical provider, regardless of the hospital’s internal HIS.

A core architectural tenet of the ABDM is the shift from a centralized to a Federated Architecture, ensuring systemic resilience and privacy.

Federated Architecture: The national backbone is composed of independent, decentralized nodes. This design ensures that if a specific facility’s node is affected, it does not hamper the others, isolating failure and ensuring institutional autonomy.

The Federated Edge: India’s Unique Architecture

Unlike centralized models, India’s HIE is designed as a Federated Architecture, ensuring that data stays at the source while allowing discovery and consent-based access at a national scale.

To combat the “shortcut” culture, the NHA and NHM teams are evolving their roles from facilitators to Auditors of Implementation Quality. However, this auditing is governed by a fundamental architectural constraint:

Zero-Visibility (Blind-to-Transit): The NHA has no visibility into health data while it is in transit or at rest. They only provide the discovery and consent layer. This is a deliberate privacy-first design choice.
Fiduciary Responsibility: Because the NHA cannot “see” the data, the Hospital (the fiduciary) remains solely responsible for any missing, inaccurate, or incomplete documentation. The responsibility for data presence and integrity stays at the clinical source.
Quality Auditing: NHA’s role is to ensure that the software implementers provide the capability for structured data, but the onus of population and accuracy remains with the originating institution.

Support & Education

Education & Training: NRCeS provides free training—including SNOMED CT courses—to support the whole ecosystem.
Open Systems & Tools: By providing FOSS tools and libraries, NRCeS address implementation challenges through regular community engagement.