Unlock Fine-Grained Consent Management and Data Access at Scale
Consent4Health is an application for consumer-directed sharing of their Electronic Health Information, typically spread across a patient’s many healthcare provider based EHRs. The application provides patients fine-grained control to direct their health sharing choices.
Our Innovative Technology
Emerging decentralized identity provides a better path forward to give healthcare consumers what they want, and developers what they need to rapidly innovate applications – while reducing risks, costs and technology burdens for providers, payers and life-science organizations.
Consent4Health is built on Azure and aligned with Microsoft capabilities such as Azure API for FHIR, Azure Data Lake, Authenticator, Azure Active Directory verifiable credentials, and more. The solution is an innovative approach to bring together the transformative power of FHIR, Decentralized Identity, Blockchain, Cryptography, and Fine-Grained Consent Management.
Consent4Health dramatically reduces current friction around consent and data sharing, freeing PHI /EHR data-custodians from the risks and burdens of managing PHI on behalf of patients, while accelerating 3rd party data access to put the patient back in control – all with portable and persistent trust.
Available Consent APIs
Better customer UX
Open up new markets
Lower EHI handling risk
PHI / EHR Data Custodians
Lowers burden of ONC compliance
Superior user experience
Immutable provenance and audit
Lower cost and complexity
Speed digital transformation
Ease of use
Control & visibility over PHI access and sharing preferences
Prevent PHI oversharing
Patient directed interoperability
Respect for privacy
Identity, Consent and Data Verifiable Credentials (VCs)
Why Is "Fine-Grained" Consent Management Important?
Fine-grained consent management (FGCM) has always been a precursor to any patient’s right to access and share their health data. Hospital information management experts have faithfully managed complex release-of-information (ROI) workflows and systems for years – to ensure overall security and a patient’s right to privacy while enabling their access and sharing choices over health information with family, attorneys, employers, providers, and others.
FHIR driven data-interoperability raises the bar. Data definitions such as USCDI (v 1.0, 2.0, ...) now set standards on what PHI is exposed; but, fine-grained consent management still lags, frustrating healthcare consumers that want control over their PHI by forcing them to over-share data and threatening their privacy with little to no ability to recall or update their consent intentions. In fact, true patient-centric digital health transformation is impossible without a solution for fine-grained consent management.
From the PHI / EHR data custodian’s (Providers, Payers, etc.) perspective, the pressure is now on to meet ONC’s 21st Century Cures Act mandates for compliance, while the technical complexity of what to do ratchets up. Following close behind is a wave of consumer-oriented privacy regulations (GDPR, CCPA, etc.) that will further elevate the need for healthcare data custodians to capture, manage and prove compliance with patient directed intent.