A clinic owner I met in Ernakulam last month put it bluntly: "ABDM has been three letters in a government circular for two years. What does it mean for me, today, on a Wednesday afternoon with twenty patients in the waiting room?"
That is the right question. And the answer in 2026 is no longer abstract. ABDM has matured into three practical pieces — ABHA, consent, and the Health Information Exchange — that change how a Kerala clinic operates whether it adopts them deliberately or stumbles into them through a patient who already has.
1. ABHA: the patient identifier that travels
The Ayushman Bharat Health Account is the patient-facing piece. It is a 14-digit health ID
(and a paired health-ID address like radesh@abdm) that any Indian can create in a
minute on the ABDM app. By 2026, more than 75 crore ABHAs have been generated, and a meaningful
share of those are active. In Kerala specifically, the state has pushed ABHA hard through PHCs and
government hospitals; private clinics are now seeing ABHA-bearing patients walk through the door.
What changes for the clinic? When a patient hands you their ABHA, you can verify it against the ABDM gateway in real time, pull a verified demographic record (name, DOB, gender, phone), and link the consultation to the patient's national health record. The next time they show up at a different hospital, your discharge summary can — with consent — be on the new clinician's screen before they walk in.
For a multi-doctor clinic that sees patients move between OPD, lab, and an in-house pharmacy, ABHA also acts as the canonical identifier across the visit. No more "is this Asha 1, Asha 2, or Asha S" guessing on the front desk. The verification is one click.
2. Consent: the artefact that makes data movement legal
The piece most clinic owners under-appreciate is consent. Under the Digital Personal Data Protection Act 2023 and the ABDM consent framework, you cannot simply "share the chart with the cardiologist down the street." You need an explicit, granular, time-bounded consent artefact — a signed digital document that says this patient has authorised this provider to access these records for this purpose, until this date.
ABDM-ready software does this for you. It generates the consent request, sends it to the patient's ABHA app, captures their approval, signs the artefact, and stores it alongside the clinical data. When DGHS or the data-protection authority audits you in three years, you have a clean audit trail rather than a folder of signed paper forms.
Software that does not handle consent leaves the practice exposed. The penalty under DPDPA 2023 for processing personal data without lawful basis can reach ₹250 crore per incident. That is not a number a single clinic will see, but the law applies the same way to a 5-doctor practice as it does to a 500-bed hospital.
3. HIE: the callback channel that brings records to you
The third piece is the Health Information Exchange — the routing layer that delivers consented records from one provider to another. Your clinic registers as a Health Information User, the referring hospital is a Health Information Provider, and the HIE shuttles the records between you over a callback channel.
This is the piece that converts ABHA from "another login" to "actually useful." A patient with a chronic condition arriving at your clinic for the first time can land with their last six months of investigations already in the chart, instead of repeating ₹6,000 of lab work because the previous reports are on a phone that ran out of battery.
The two questions to ask your current vendor
If you are running a Kerala clinic on existing software in 2026, two questions cut through the marketing copy.
- Can you show me a live ABHA verification today, in this clinic, against the production ABDM gateway? Not a slide. A real verification. Many vendors describe ABDM as "on the roadmap" in 2026 — that is no longer acceptable for a real-world deployment in 2026.
- Where do consent artefacts live, what does the audit log look like, and how long are they retained? If the answer is vague, the vendor has not built it; they are reselling ABHA verification without the legal infrastructure that makes the data movement valid under DPDPA 2023.
Why the Kerala market specifically?
Three reasons.
- Kerala has the highest ABHA penetration of any state (the state government has actively pushed adoption through Aardram and the eHealth project), so the patient-side identifier has critical mass.
- Kerala's medical-tourism segment serves international patients who increasingly expect their records to be portable when they go home — ABDM's HIE is the cleanest way to deliver that.
- The state's empanelled-provider tenders increasingly specify ABDM-ready software as a qualification criterion. A clinic that wants government referrals in 2026 will need it regardless of patient demand.
What "ABDM-ready" looks like in Medixar
For full disclosure: Medixar handles all three pieces — ABHA verification, consent artefact generation and storage, HIE callback — out of the box. The implementation is described in our security page and is exercised on our staging environment whenever a new tenant is onboarded. We are not the only vendor that does this, but we are explicit about how it works because the alternative — vague claims of "ABDM-compatible" — leaves customers carrying compliance risk they did not knowingly accept.
If you'd like a 30-minute call to see ABHA verification in action against a real consultation flow, book a demo. We won't sell — we'll show.
Want to see Medixar in action?
30-minute live demo with the founding team. Your workflow, your questions.
Book a demo