Consent management is a system, process or set of policies for allowing consumers and patients to determine what health information they are willing to permit their various care providers to access. It enables patients and consumers to affirm their participation in e-health initiatives and to establish consent directives to determine who will have access to their protected health information (PHI), for what purpose and under what circumstances. Consent management supports the dynamic creation, management and enforcement of consumer, organizational and jurisdictional privacy policies.
Industry References
Gartner Research “Hype Cycle for Healthcare Provider Technologies and Standards
Personal Information Management for Consent Management Solutions
The need to accommodate and automate consumer privacy preferences in health information exchange is recognized by the healthcare industry through various standards activities and consent discussions:
- American Medical Informatics Association (AMIA), e-Consent: * The Design and Implementation of Consumer Consent Mechanisms in an Electronic Environment by Enrico Coiera, MBBS, PhD and Roger Clarke, MComm, PhD
- Canada Health Infoway, iEHR Tech II Project, Standards Collaborative Partnership
- Health Information Security and Privacy Collaboration (HISPC)
- Health Information Technology Standards Panel (HITSP), “TP 30 - HITSP Manage Consent Directives Transaction Package.”
- Health Level 7, “Community-based Collaborative Care Project.”
- Integrating the Healthcare Enterprise (IHE), “Basic Patient Privacy Consents (BPPC).”
- Integrating the Healthcare Enterprise (IHE), “Advanced Patient Privacy Consents (APPC).”
- Organization for the Advancement of Structured Information Standards (OASIS), “Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of XACML v2.0 for Healthcare Version 1.0.”
- IAB Europe: List of Consent Management Provider, “”