International Journal of Human Rights Law Review
International Open Access Double Blind Peer Reviewed, Referred Journal
ISSN No. : 2583-7095
ISSN No. : 2583-7095
Patient Rights, Informed Consent and Health Data Protection in the Digital Age: A Critical Analysis of India’s DPDP Regime and Emerging Digital Healthcare Practices
Abstract
The rapid digitisation of the healthcare sector via telemedicine, AI-based diagnostic technologies, and electronic health records has changed the doctor-patient relationship in India, and the situation has become complicated due to issues of patient rights, informed consent, and health data security. Although both the Digital Personal Data Protection Act, 2023. and the draft DPDP Rules, 2025 provide a rights-based, consent-centric approach, there are still major grey areas in regard to the sensitive health data. The main research issue that is identified in this paper is the normative and operational disconnection between the traditional medical consent and data protection consent in digitally mediated healthcare ecosystems. The paper has three focus areas: (i) Discuss the extent and enforceability of patient rights under the DPDP regime; (ii) Discuss the changing doctrine of informed consent when it comes to continuous and secondary healthcare practices that are facilitated by AI (iii) Discuss how sufficient the legal framework in India is to combat the risks posed by AI-enabled and platform-based healthcare practices. The study embraces a doctrinal and comparative approach to the study, which refers to statutory analysis, policy reports and the ongoing review of DPDP provisions by the Supreme Court (2026). This paper, argued that the DPDP framework enhances informational autonomy by imposing the consent conditions, it is still inadequately prepared to cope with the sector-specific issues, including the utilization of secondary data, the regulation of clinical research, and the decision-making of algorithms. It concludes that the Indian data protection framework is an indication of a transition to the digital dignity and patient-centric governance, but it needs regulatory harmonisation and enforcement to be strengthened to provide effective protection of patient rights.