The laws pertaining to food, health and medicines are fast changing but the businesses dealing in them are very slow in adapting with them. As more and more businesses are making their online presence felt, the food and health laws are frequently violated. When e-commerce model is used to sell food, health and medicines in an online environment, many complicated techno legal issue arise.
For instance, fields like online pharmacies, ayurveda, healthcare technology, nutraceuticals, e-health, m-health, telemedicine, etc require compliance with techno legal requirements as prescribed by various legislations of India. These include compliance with laws like Prevention of Food Adulteration Act, 1954 and Rules 1955 (PDF), Food Safety and Standards Act, 2006 (PDF), information technology act, 2000, etc.
When business is done through e-commerce mode, cyber law, cyber security and data security compliances are also required to be taken care of. Internet intermediary liability and cyber law due diligence (PDF) must be taken care of beforehand before launching a website in these fields. The position has become so clear now that cyber due diligence cannot be ignored by Indian companies anymore.
For instance, take the example of Target Corporation that faced cyber attacks and data breach recently. For reasons best known to Target, it failed to take remedial action in this regard. Now target is facing litigation threats around the world and it may be prosecuted in India as well very soon for failing to comply with techno legal requirements of applicable Indian laws.
The position is fast changing in developed nations. The European Union has even suggested measures to strengthen privacy and data rights of its citizens. India also cannot ignore these issues anymore and sooner or later regulatory authorities would question the non compliance on the part of food, health and medicine websites operating in India.
Clinical establishments operating in India are also required to comply with the requirements of the Clinical Establishments (Registration and Regulation) Act 2010 (PDF) and the Clinical Establishments (Central Government) Rules 2012 (PDF). Further, Recommendations on Electronic Medical Records Standards in India (PDF) have also been prescribed that have to be followed and complied with by Indian clinics and healthcare professionals of India.
The legal risks for developer and owners of food, healthcare and medicine related websites cannot be ignored. Further, mobile medical devices and handsets and their respective applications must also be in strict conformity with Indian laws. Medical device makers, software providers and medical fraternity of India must also keep in mind the encryption laws of India and cloud computing related compliances of India.