The Core of ABDM Data Exchange
At the heart of the Ayushman Bharat Digital Mission is a health information exchange framework. Two key roles govern how health data flows: HIP (Health Information Provider) and HIU (Health Information User). Understanding these roles is essential for any healthcare platform building ABDM compliance.
What is a Health Information Provider (HIP)?
A Health Information Provider is any entity that generates and shares patient health records through the ABDM ecosystem. If your platform creates clinical data — prescriptions, lab reports, discharge summaries, imaging reports — you are a HIP.
Who Can Be a HIP?
- Hospitals and clinics (sharing OPD/IPD records, discharge summaries)
- Diagnostic labs (sharing lab reports as FHIR DiagnosticReport)
- Radiology centres (sharing imaging studies)
- Pharmacies (sharing dispensing records)
- Telemedicine platforms (sharing e-prescriptions)
What Does HIP Integration Involve?
As a HIP, your platform must:
- Link care contexts — Associate patient visits/encounters with their ABHA number
- Respond to discovery — When a patient or another system queries for their records, your system responds with available care contexts
- Handle consent — When a patient grants consent for record sharing, your system receives the consent artefact and prepares data
- Send FHIR bundles — Package health records as FHIR R4-compliant bundles and push them through the ABDM gateway (encrypted)
What is a Health Information User (HIU)?
A Health Information User is any entity that requests and consumes patient health records from the ABDM ecosystem — always with patient consent. If your platform needs to view a patient's complete medical history (from other hospitals, labs, or providers), you need HIU integration.
Who Can Be a HIU?
- Hospitals seeking complete patient history before treatment
- Insurance companies processing health claims
- Telemedicine platforms needing prior medical context
- Chronic care management apps tracking long-term patient data
- Government health programmes monitoring population health
What Does HIU Integration Involve?
- Request consent — Your platform sends a consent request to the patient via the ABDM gateway
- Patient approves — The patient approves (or denies) via their ABHA app or linked consent manager
- Fetch health records — Upon consent, your platform fetches encrypted FHIR bundles from the patient's HIPs
- Decrypt and render — Decrypt the records using the consent artefact keys and display to the care team
Can a Platform Be Both HIP and HIU?
Absolutely. Most hospitals and healthcare platforms are registered as both HIP and HIU — they generate records (HIP) and also need to access records from other providers (HIU). This is the recommended full ABDM integration.
The ABDM Gateway: The Backbone
All HIP-HIU communication flows through the NHA ABDM Gateway. The gateway acts as a central routing layer — managing consent, routing record requests, and ensuring all exchanges are authenticated and logged. No direct peer-to-peer data exchange happens; everything goes through the gateway.
Security and Consent in HIP-HIU Exchange
ABDM's data exchange is built on patient consent. Key security principles:
- No data is shared without a valid, patient-signed consent artefact
- Consent artefacts have expiry — access is time-limited
- All records are end-to-end encrypted during transfer
- Audit trails are maintained for every access
- Patients can revoke consent at any time
Conclusion
HIP and HIU integration are the backbone of ABDM's health data exchange. Whether your platform generates clinical records (HIP) or needs to access them (HIU) — or both — ABDM provides a standardised, consent-driven, secure framework. Medi4u specialises in both HIP and HIU integration, helping healthcare platforms complete NHA certification and go live with production-grade ABDM connectivity.
