UHIN implements every mandatory ABDM requirement — HIP + HIU dual role, all 11 API callbacks, FHIR R4 with NRCeS profiles, 8-step consent flow, and ABHA creation at point of care. The 18–24 month certification timeline is your competitive moat.
ABDM is not a single product—it is an open, interoperable framework built from six interconnected registries, gateways, and identity systems. UHIN integrates with every one of them.
A 14-digit unique digital health identity for every Indian. Voluntarily created using Aadhaar or mobile OTP. Links all health records across every ABDM-registered provider. One Aadhaar → one ABHA. One mobile can be linked to multiple ABHA accounts (for families).
A verified national database of all health facilities—hospitals, clinics, labs, pharmacies, imaging centers—across public and private sectors. Every ABDM-integrated facility gets a unique HFR ID used in care context creation.
A verified national registry of all doctors and healthcare workers. HPR ID linked to NMC registration number. Required for issuing digitally signed prescriptions (DSC) under ABDM. 5.6 lakh+ professionals registered.
The consent backbone of ABDM. Routes consent requests between patients, HIPs (health info providers), and HIUs (health info users). Enforces purpose limitation, time-bound access, and patient revocation. All data moves only via HIE-CM.
Open protocol for discovering and booking health services across the ABDM network—telehealth, OPD, diagnostics, ambulance. Similar to ONDC for healthcare. Enables any ABDM-compliant app to access services from any registered provider.
Interoperability layer for health insurance claims between payers (insurers) and providers (hospitals). Standardises pre-auth, claims submission, and settlement using FHIR-based formats. Enables real-time cashless claims.
Every Indian’s Aadhaar card is linked to exactly one primary ABHA number. This is permanent, voluntarily created, and never reassigned. It becomes your universal health ID at every hospital, clinic, lab, and pharmacy in India.
A single mobile number can be registered with multiple ABHA accounts—allowing one person (e.g. a parent) to manage ABHA accounts for children, elderly parents, and other family members from one phone. UHIN’s smart disambiguation screen identifies the right patient when a mobile number returns multiple matches.
Separate from the 14-digit number, an ABHA address is a self-declared username (e.g. ravi.kumar@abdm). It is used for digital health record sharing, PHR app login, and consent management on the ABDM network. One ABHA number can have multiple ABHA addresses.
Via Aadhaar OTP (instant), via driving licence / PAN (offline-assisted), or via hospital-assisted registration at PHC counters. UHIN creates ABHA for patients at OPD registration if they don’t have one yet—in under 2 minutes.
Patient gives their 12-digit Aadhaar at OPD counter. UHIN calls the ABDM API to find the linked ABHA. OTP sent to patient’s Aadhaar-registered mobile. On verification, ABHA resolved and records fetched. Aadhaar number masked after lookup—never stored or displayed.
Patient shows their ABHA card QR code or states their 14-digit number. Direct ABDM discovery request resolves records instantly. No OTP needed if patient scans their own QR via ABHA app (Scan & Share). Fastest, most accurate—UHIN promotes ABHA creation for all patients.
Patient gives their mobile number. ABDM lookup may return multiple ABHA accounts (family members). UHIN shows a disambiguation screen: patient selects themselves from the list (name + age shown with masking). OTP sent. Records fetched for the selected ABHA only.
Every ABDM-integrated facility plays one of two roles—or both. UHIN is certified for both, making it the only platform a hospital needs.
Any hospital, clinic, lab, or pharmacy that generates health records (prescriptions, lab reports, discharge summaries, imaging) is a HIP. As a HIP, the facility registers care contexts with ABDM and responds to data requests from HIUs when the patient consents.
Care context creation — every OPD visit, prescription, lab result registered with ABDM as a care context pointer
Data push on consent — encrypts FHIR bundle with requester’s public key and sends to HIU’s dataPushUrl
Responds to discovery — returns matching care contexts when ABDM sends a discovery request
Any entity that needs to access a patient’s records from another facility is an HIU. As an HIU, the requester sends a consent request to the patient via ABDM, and on approval, receives the encrypted FHIR bundle from the HIP. Doctors requesting a patient’s history from a different hospital use UHIN in HIU mode.
Consent request initiation — sends structured consent request to ABDM specifying purpose, HI types, date range
Receives encrypted bundle — decrypts FHIR bundle from HIP using private key and renders records in consultation workspace
Handles consent revocation — immediately stops access when patient revokes consent via ABDM notify callback
ABDM certification is structured in three progressive milestones. Each builds on the previous. Reaching M3 is the gold standard — and what makes UHIN a true Health Information Exchange, not just a registration system.
ABDM certification requires implementing 6 HIP callback endpoints, 3 HIU data endpoints, and 2 consent management endpoints. UHIN implements all 11. Every API listed below is verified against the NHA sandbox test suite.
UHIN creates ABHA for patients who don’t have one at OPD registration, using Aadhaar OTP in under 2 minutes. Zero friction for hospitals and patients.
Every hospital and clinic onboarded to UHIN is simultaneously registered in the ABDM Health Facility Registry with a verified HFR ID, ABDM Client ID, and Client Secret.
Every OPD encounter, prescription, lab order, discharge summary, and diagnostic report creates a FHIR Bundle and registers a care context pointer with ABDM — making it discoverable by any HIU.
All health records stored as FHIR R4 resources conforming to NRCeS Implementation Guide — mandatory for ABDM HIP certification. India-specific extensions: CDSCO drug codes, NMC practitioner IDs, ICD-10 India, LGD district codes.
UHIN’s consent engine validates the ABDM-issued consent artefact on every single data request — live, not cached. Checks: artefact signature, requester identity, purpose code match, time validity, and HI type scope.
When a patient revokes consent in their ABHA app, ABDM sends a notify callback to UHIN. Access is blocked within seconds — no manual intervention, no grace period.
Every consent grant, data access, and revocation is logged with a cryptographic hash in an append-only WORM database. DB triggers block any UPDATE/DELETE on audit_log. Patients can independently verify via ABDM audit API.
All UHIN data is stored on AWS Mumbai (ap-south-1) or NIC MeghRaj. S3 bucket policy blocks cross-region replication. RDS instances are region-locked. No data ever leaves India.
The 18–24 month ABDM certification timeline is a structural moat. Every hospital EMR vendor trying to compete with UHIN must go through the same NHA audit, FHIR conformance testing, and sandbox process. There are no shortcuts.
Talk to our ABDM integration team about onboarding your hospital, clinic, or health-tech platform onto the UHIN ABDM network.