Patient Summary Consent Tab

When your organization enables the Patient Consent feature, the Consent tab can be accessed from the Patient Summary view.

Help Topics on This Page

- Patient Consent Feature Overview
- Patient Consent System Authorizations
- Organization Patient Consent Model
- Exceptions that Allow Consent Policy Override
- View Patient Consent Policies
- Add Patient Consent Policy

Patient Consent Feature Overview

The Patient Consent feature is designed to enable a patient (or proxy) to explicitly permit or deny access to patient health information contained in the health information exchange (HIE) global repository. The Patient Consent feature allows a patient (or proxy) to do the following things:

  • Better control who can view their information in the HIE global repository.
  • Change their consent choice and retroactively apply the change to data in the HIE.
  • Access and view their health information in the patient portal while denying access to provider portal users.

When your organization enables the Patient Consent feature, Global search functionality is affected. If Consent is enabled, when you select Global from the Patient Search page, the following text is displayed at the bottom of the page:

Consent processing is enabled. If you experience issues retrieving patient information in Global Search, please contact [Consent Test Org (999) 999-9999] for patient access record questions.

Note: The information in brackets is determined by your organization when implementing the Patient Consent feature. 

See the Global Search and Patient Consent Feature topic for more information about how Global search is impacted when the Patient Consent feature is enabled in your portal.

Patient Consent System Authorizations

Authorizations allow profiled users to either view only or view and add Patient Consent policies within the portal.

Users who are profiled with a Consent authorization can perform a Global search to locate a patient who has an active Deny policy (patient has denied access to their records). The authorization allows the user to locate the patient to view or add Consent policies only. The patient's health records remain locked from viewing because the patient has an active Deny policy. The only information the authorized user can access is what is on the Patient Summary > Consent tab. No other Patient Summary tabs are displayed. When a user who does not have Consent authorization executes a Global search for a patient with an active Deny policy, they will not find the patient.

If the patient has an active Permit policy or the organization’s Patient Consent model is Permit (and the patient does not have an active Deny policy), users can access the patient’s records and can view or add consent policies based on what they are authorized to do.

Organization Patient Consent Model

A system setting is used to specify your organization's Patient Consent model. This is the Consent model in effect for all organizations in your HIE when the patient does not have an active consent policy on file. When the Patient Consent feature is enabled, your organization's Patient Consent model (Permit for All Organizations or Deny for All Organizations) is displayed in the Patient Summary > Consent tab. It is labeled Patient Consent Default if no Consent on File

Note: Depending on your organization’s Patient Consent model (Permit or Deny) and a patient's active consent policy which permits or denies users (belonging to your group or practice) access to their records, you might be unable to access the patient's records through Global search.

Exceptions that Allow Consent Policy Override

Patient Consent exceptions can be configured to override an organization's Deny model or patient's Deny policy. Exceptions are executed through the Global Search Reasons dialog box. Depending on Patient Consent feature configuration and the Global search reason selected, users can possibly override a Deny model or policy to gain access to a patient's health information (for example, in an Emergency). Select the following scenarios for more information:

- Consent Policy Override when Organization Model is Deny
- Consent Policy Override when Patient Deny Policy on File

Consent Policy Override when Organization Model is Deny

If your organization's Patient Consent model is Deny for All Organizations, users performing Global search are automatically denied access to health information for all patients in the HIE global repository. Your organization can opt to allow exceptions to the Deny policy and permit users access to patients' records through Global search. The Global search reason the users select (for example, Emergency) must be configured as an acceptable Deny model override and the patient must not have an active consent policy on file for the override to occur.

If allowable overrides are configured, they are displayed in the Patient Summary > Consent tab with the following label: Overrides Allowed for These Purposes if No Consent on File.

Consent Policy Override when Patient Deny Policy on File

If patients have active Deny policies on file, they have denied Global search users access to their health records. Your organization can opt to allow exceptions to the patients' Deny policies and permit users access to patients' records through Global search. The Global search reason the users select (for example, Emergency) must be configured as an acceptable Deny policy override. 

If allowable overrides are configured, they are displayed in the Patient Summary > Consent tab with the following label: Overrides Allowed for These Purposes if Explicit Deny Consent on File.

View Patient Consent Policies

From the Patient Summary > Consent tab, select one of the following options from the list to view patient consent policies:

  • View current consent policies in effect.
  • View all consent policies on file.

The consent policies are displayed in the grid. The grid contains the following columns:

Patient Consent Policies Grid
 Column  Description
 Organization The organization, group, or practice that the policy applies to. If there is a Related Organizations link, the policy applies to those organizations, groups, or practices as well.
 Consent The consent policy the patient has on file for the specified organization, group, or practice (Permit or Deny). Global search users are either permitted or denied access to patient health information based on the value in this column. Policy override exceptions may apply.
 Date Added The date the policy was added.
 Updated By / Source The user who added the policy or the source system that sent the transaction to add the policy.
 Start Date The date the policy starts.
 End Date The date the policy ends. End Date is not applicable to Deny policies. To end a Deny policy, supersede it with a Permit policy.
 Current Status

The policy's status. The following statuses are possible:

  • Active - The policy is currently in effect.
  • Expired - The policy is no longer in effect because the current date is past the policy End Date.
  • Superseded - A subsequent policy took the place of this policy.

Add Patient Consent Policy

Preauthorized users can manually add patient consent policies from the Patient Summary > Consent tab. 

- Add Deny Policy
- Add Permit Policy

Add Deny Policy

Complete the following steps to manually add a Deny Consent policy for a patient who wants to opt out and not allow HIE users access to their health information through Global search (this is also referred to as Explicit Deny Consent):

  1. From the Patient Summary > Consent tab, select Add New Consent Policy. The Add New Consent Policy dialog box is displayed.
  2. Select an Organization from the list. Organization is required.
  3. From the Consent list, select Deny.
  4. Select a Start Date. Start Date is required. End Date does not apply to a Deny policy. Deny policies do not expire, but a Permit policy can supersede a Deny policy.  
  5. Select Add to add the policy, otherwise select Cancel

Add Permit Policy

Complete the following steps to manually add a Permit Consent policy for a patient who wants to opt in and allow HIE users access to their health information through Global search (this is also referred to as Explicit Permit Consent):

  1. From the Patient Summary > Consent tab, select Add New Consent Policy. The Add New Consent Policy dialog box is displayed.
  2. Select an Organization from the list. Organization is required.
  3. From the Consent list, select Permit.
  4. Select a Start Date. Start Date is required.  
  5. If the patient specified a Permit policy end date, select the End Date. This field is configurable through a system setting. If a value is not entered, the system calculates end date per the value in the system setting.
  6. Select Add to add the policy, otherwise select Cancel.
Copyright Cerner Corporation. All rights reserved.