India's Hospitals Are Not Ready for NHCX and DPDP
India has built ambitious digital health rails through ABDM, NHCX, and the DPDP Act. But the uncomfortable truth is that hospital infrastructure readiness, not policy intent, is now the biggest constraint.
Despite years of momentum, only a fraction of Indian hospitals can actually operate in a claims-driven, interoperable, privacy-first ecosystem. Until this gap is addressed, India's digital health promise stays uneven and exclusionary.
The reality check: adoption is still thin
NHCX adoption tells the story clearly. As of early 2025, only around 450 hospitals have been onboarded to the National Health Claims Exchange, roughly 1–2% of India's total hospital base, and even fewer run live, end-to-end cashless claim workflows at scale. ABDM integration shows a similar pattern: large urban hospitals have made partial progress, but tier-2 and tier-3 hospitals remain below 10% meaningful integration, largely due to infrastructure and capability gaps. This is not a lack of willingness; it is a lack of readiness.
DPDP Act: compliance on paper, not in practice
The Digital Personal Data Protection Act made hospitals full-fledged data fiduciaries, responsible for obtaining consent, implementing encryption, reporting breaches and ensuring governance. Yet only a small percentage of organizations claim to understand DPDP, and nearly half haven't even started implementation. For small and mid-sized hospitals this means no encryption at rest or in transit, no audit trails across HIS/LIS/PACS, no breach-response workflows, and no designated Data Protection Officer.
Infrastructure gaps are the structural problem
of district hospitals have some IT infrastructure.
of Community Health Centres.
of Primary Health Centres.
This matters because NHCX, ABDM and DPDP all assume stable connectivity, digitised records, interoperable systems and trained IT/operations staff, assumptions that don't hold outside major cities.
Legacy systems and workforce resistance
Even where infrastructure exists, hospitals face two systemic blockers. First, legacy HIS and EMR platforms, around 40% of hospitals struggle to integrate new applications due to outdated systems that can't support FHIR APIs or modern consent layers. Second, people and skills, leaders cite staff resistance and low digital literacy as significant barriers, with clinicians fearing increased workload rather than efficiency gains. Digital health is still viewed as a cost center, not an operational enabler.
What actually needs to change
Phased infrastructure upgrades
Start with cloud-based HIS, FHIR-ready APIs and modular upgrades rather than rip-and-replace. Use ABDM sandboxes aggressively for testing before scale.
Training that shows outcomes
Hands-on training must demonstrate real results: 2 hours/day less admin effort, faster discharge cycles, fewer claim rejections.
Incentives for smaller hospitals
Without subsidies, pooled procurement or shared digital utilities, small hospitals will simply opt out.
Managed services over ownership
Cybersecurity, DPDP compliance and consent management should be delivered as managed services, not in-house experiments.
India does not have a policy problem. It has an execution and infrastructure problem. Until hospitals across tiers are digitally capable, NHCX won't scale, DPDP stays unevenly enforced, and ABDM will amplify inequality instead of reducing it.