Unlock Fine-Grained Consent Management and Data Access at Scale

Consent4Health is an application for consumer-directed sharing of their Electronic Health Information, typically spread across a patient’s many healthcare provider based EHRs. The application provides patients fine-grained control to direct their health sharing choices.

Our Innovative Technology
shutterstock_1395904286 copy.jpg

Emerging decentralized identity provides a better path forward to give healthcare consumers what they want, and developers what they need to rapidly innovate applications – while  reducing risks, costs and technology burdens for providers, payers and life-science organizations.  


Consent4Health is built on Azure and aligned with Microsoft capabilities such as Azure API for FHIR, Azure Data Lake, Authenticator, Azure Active Directory verifiable credentials, and more.  The solution is an innovative approach to bring together the transformative power of FHIR, Decentralized Identity, Blockchain, Cryptography, and Fine-Grained Consent Management.

Consent4Health dramatically reduces current friction around consent and data sharing, freeing PHI /EHR data-custodians from the risks and burdens of managing PHI on behalf of patients, while accelerating 3rd party data access to put the patient back in control – all with portable and persistent trust.

Explore Offer on the Azure Marketplace



  • Available Consent APIs

  • Speed development

  • Better customer UX

  • Open up new markets

  • Lower EHI handling risk

  • Enable innovation

PHI / EHR Data Custodians

  • Empowers interoperability 

  • Lowers burden of ONC compliance

  • More secure 

  • Superior user experience

  • Immutable provenance and audit

  • Lower cost and complexity

  • Speed digital transformation

Health Consumers

  • Ease of use

  • Control & visibility over PHI access and sharing preferences

  • Prevent PHI oversharing 

  • Mobile UX

  • Patient directed interoperability 

  • Increased security

  • Respect for privacy

Solution Architecture

Identity, Consent and Data Verifiable Credentials (VCs)

Data Sharing Flow v1-crop.png
Why Is "Fine-Grained" Consent Management Important?

Fine-grained consent management (FGCM) has always been a precursor to any patient’s right to access and share their health data. Hospital information management experts have faithfully managed complex release-of-information (ROI) workflows and systems for years – to ensure overall security and a patient’s right to privacy while enabling their access and sharing choices over health information with family, attorneys, employers, providers, and others.

FHIR driven data-interoperability raises the bar. Data definitions such as USCDI (v 1.0, 2.0, ...) now set standards on what PHI is exposed; but, fine-grained consent management still lags, frustrating healthcare consumers that want control over their PHI by forcing them to over-share data and threatening their privacy with little to no ability to recall or update their consent intentions. In fact, true patient-centric digital health transformation is impossible without a solution for fine-grained consent management.

From the PHI / EHR data custodian’s (Providers, Payers, etc.) perspective, the pressure is now on to meet ONC’s 21st Century Cures Act mandates for compliance, while the technical complexity of what to do ratchets up. Following close behind is a wave of consumer-oriented privacy regulations (GDPR, CCPA, etc.) that will further elevate the need for healthcare data custodians to capture, manage and prove compliance with patient directed intent.