New Delhi: Leaking information on the
health of an individual may earn a term in prison for six
months and also a fine up to Rs one lakh.
According to the new Privacy Bill, 2011, which is slated
to be tabled in Parliament during the forthcoming session, any
health information of any citizen of India collected with his
consent shall be kept by the person till the time the
individual wants and later it should be returned or destroyed.
Under the provision in the draft Bill that has 94
sections, no person or officer of the government shall collect
health information in respect of an individual so as to reveal
in public his health information thus adversely affecting his
right to privacy.
"Whosoever discloses in public, the health information
in respect of any citizen of India in contravention of the
provisions of this Act, shall be punishable for such offence
with imprisonment for a term which may extend to six months or
with a fine which may extend to Rs one lakh, or with both,"
the Bill said under its Health Information Privacy.
The Bill proposes that any health information of any
citizen of India collected with his consent or authorised
under law shall not be revealed in public.
Health Information Privacy is part of the various
measures proposed in the Bill which proposes among other
things stringent punishment, including revocation of licences
of telecom service providers, for illegally intercepting
telephone calls and making their content public.
It also includes a punishment of a prison term of five
years for people indulging in unauthorised spying on any
While illegal snooping or interception can land a person
in jail for a period of five years and a fine up to Rs one
lakh, people involved in circulation of an intercepted
communication or any other personal information shall be
punished with a prison term of three years and with a fine up
to Rs 50,000.
The Bill also proposes to set up a Data Protection
Authority of India (DPAI) to monitor and enforce compliance of
all provisions and receive and investigate complaints about
alleged violations of data protection rules.
DPAI will probe any data security breach and issue
appropriate orders as may be required to safeguard security
interests of all affected individuals with regard to personal
data that has or is likely to have been compromised by
The proposed authority shall consist of a chairperson
and not more than two members who have special knowledge and
professional experience of data protection, industry, finance,
law management and consumer affairs and the selection shall be
done by the government.
Taking a tough stand against government officers,
the Bill proposes that "where an offence under this Act has
been committed by any department of the Government, the Head
of the Department shall be deemed to be guilty of the offence
and shall be liable to be proceeded against and punished
accordingly unless he proves that the offence was committed
without his/her knowledge or he/she exercised due diligence to
prevent the commission of such offence."