Sanvya Health LogoSanvyaHealth
Regulatory Compliance Guide

ABDM Compliance Guide for Hospitals in India

A detailed roadmap for hospital owners, IT directors, and administrators to register in the NHA Sandbox, implement ABHA identity management, map health records to FHIR standards, and achieve full digital compliance.

Last Updated: June 6, 2026 | Authority: Sanvya Health Compliance Team

Compliance Overview

Achieving compliance with the Ayushman Bharat Digital Mission (ABDM) is a critical requirement for private and public hospitals, nursing homes, and clinics across India. Regulated by the National Health Authority (NHA), ABDM introduces standard digital health records exchange using global inter-operability formats.

This guide documents the technical milestones (M1, M2, M3), sandbox setups, data mappings, and DPDPA consent flows necessary to transform your legacy medical practice into an ABDM-certified healthcare node.

1. What is ABDM Compliance?

The Government of India has established the Ayushman Bharat Digital Mission to digitize the healthcare ecosystem. ABDM compliance requires hospitals to implement Electronic Medical Records (EMR) and Hospital Information Systems (HIS) that connect to a secure national health grid.

Hospitals acting as Health Information Providers (HIP) generate and publish digital clinical records. Conversely, hospitals acting as Health Information Users (HIU) can request permission to view a patient's historical records generated elsewhere.

2. The NHA Sandbox Integration Roadmap

Before registering your facility live on the production grid, software providers must execute tests within the NHA Developer Sandbox. This integration consists of:

  • Developer Account Registration: Create an account on the NHA Sandbox portal and obtain client credentials (Client ID and Client Secret).
  • API Gateway Configuration: Set up Webhook endpoints to receive digital consent requests and health data query payloads from the central NHA servers.
  • Verification Checks: Pass automated testing scripts validating ABHA creation flows and patient consent management APIs.

3. ABHA Patient Identity Setup

The Ayushman Bharat Health Account (ABHA) is a patient's digital medical identity. In your hospital management software:

  • Aadhaar OTP Integration: Patients present Aadhaar details to generate an OTP, verifying their demographic details.
  • Mobile Number Association: Generate a 14-digit ABHA number and a customized ABHA Address alias (e.g., abha_user@abdm).
  • Card Issuance: Print or deliver the official ABHA card containing a secure QR code directly to the patient's WhatsApp.

4. Implementing FHIR Data Standards

Health records exchanged via the ABDM network cannot be transmitted as flat text or arbitrary PDFs. The NHA mandates the use of **FHIR (Fast Healthcare Interoperability Resources)** data standards:

Clinical events, pharmacy prescriptions, and diagnostic pathology or radiology results must be structured into JSON resources (e.g., FHIR DiagnosticReport, FHIR MedicationRequest) using specific Indian extensions defined by the NHA. This allows any certified system to read, parse, and render clinical records accurately.

5. ABDM Milestones: M1, M2, and M3

Hospitals certify their software by passing three functional verification milestones set by the NHA:

Milestone M1

ABHA Registrations

Creation of 14-digit ABHA IDs, scanning QR codes, and local patient profile mappings.

Milestone M2

Health Records Sharing

Functioning as a Health Information Provider (HIP) to publish prescriptions and reports to the network.

Milestone M3

RAG & E-Lockers

Accessing patients' historical records as a Health Information User (HIU) with explicit patient consent.

Frequently Asked Questions

QWhat is the NHA Developer Sandbox?

The National Health Authority (NHA) Developer Sandbox is a virtual testing environment provided by the Government of India. It allows healthcare software developers to build, test, and validate their APIs against the ABDM central registries (like ABHA and healthcare professional registries) before moving to the production ecosystem.

QWhat is the difference between ABHA ID and ABHA Address?

The ABHA Number (or ABHA ID) is a unique 14-digit identifier generated using Aadhaar or Mobile verification that uniquely identifies a citizen in India's digital health ecosystem. The ABHA Address is a user-customized username (e.g., patientname@abdm) that functions like a UPI handle, enabling secure health record linking and consent requests without revealing the 14-digit ID.

QWhat are the ABDM Milestones (M1, M2, and M3)?

ABDM compliance is divided into three key integration milestones: Milestone 1 (M1) covers ABHA ID generation, verification, and registration. Milestone 2 (M2) covers the digital sharing of health records as a Health Information Provider (HIP) and request of health records as a Health Information User (HIU). Milestone 3 (M3) covers unified digital health locker services and diagnostic report sharing protocols.

QIs Sanvya Health fully ABDM compliant?

Yes. Sanvya Health is designed from the ground up as an ABDM-compliant Hospital Management System. It comes pre-integrated with the NHA developer registries, enabling Indian hospitals and clinics to generate ABHA IDs, register clinical records under FHIR data standards, and exchange consent-driven records natively.

Need an ABDM-Compliant Software Demo?

Schedule a 30-minute virtual session with a Sanvya Health onboarding expert to configure your OPD and billing modules for ABHA integration.

Explore Related Topics

Deepen Your Knowledge

Navigate our comprehensive guides and features to build a complete picture of modern hospital management.

Book Demo on WhatsApp