Existing Wording: Gap

Proposed Wording: Add a new node Consent.representation defined as "Indicates the use of consent content for conveying representations or metadata about a Consent Directive, which are not equivalent to the legally binding agreement between the consenting grantor and grantee. Control is (0..1). Bind to example value set:

*Consent Statement, defined as: "An electronic representation of a Consent Directive, which has less than full fidelity to the legally binding Consent Directive from which it was "transcribed", that is used to provide recipients with the full content representation they may require for compliance purposes, and may include a reference to or an attached unstructured representation for recipients needing an exact copy of the legally binding Consent Directive with which they must comply. Includes Security Labels assigned to the Consent Statement being exchanged and within the Consent Statement content to convey the sender, receiver, and downstream user consent policy compliance requirements."

*Consent Metadata, defined as: "Consent content derived from a Consent Directive, which conveys the minimal set of information needed to manage consent directive workflow, including registration of active and revoked Consent Directives; query/response transactions by which interrogators ascertain whether they are authorized to share specific information governed under specific Consent Directives with one or more recipients by notification or in response to requests; and retrieval of the Consent Directive from its custodian. Includes Security Labels assigned to the Metadata exchange and within the Metadata content to convey the sender, receiver, and downstream user consent policy compliance requirements."

*Consent Registration Metadata, defined as: "Consent content derived from a Consent Directive, which conveys the minimal set of information needed to manage consent directive registration of active and revoked Consent Directives. Includes Security Labels assigned to the Metadata exchange and within the Metadata content to convey the sender, receiver, and downstream user consent policy compliance requirements."

*Consent Sharing Metadata, defined as: "Consent content derived from a Consent Directive, which conveys the minimal set of information needed for query/response transactions by which interrogators ascertain whether they are authorized to share specific information governed under specific Consent Directives with one or more recipients by notification or in response to requests. Includes Security Labels assigned to the Metadata exchange and within the Metadata content to convey the sender, receiver, and downstream user consent policy compliance requirements."

*Consent List Metadata, defined as: "Consent content derived from a Consent Directive, which conveys the minimal set of information needed for locating a filtered set of Consent Directives, e.g., a list of all Consent Directives, of Consent Directives collected, managed by, or registered with a custodian; Consent Directives by type, consent policy, status, dates, governed information, permitted actions, or authorized entities. Includes Security Labels assigned to the Metadata exchange and within the Metadata content to convey the sender, receiver, and downstream user consent policy compliance requirements."

Add a new sub-node Consent.representation.identifer defined as: The unique indicator of the Consent.representation identity used for management and retrieval of a Consent Statement or any type of Consent Metadata. Control is (1..1).

Add a new sub-node Consent.representation.status defined as: The lifecycle state of the Consent.representation used for workflow management of a Consent Statement or any type of Consent Metadata. Control is (0..1). Binding is to applicable codes in the Consent.status value set proposed in these comments.

Comment:

The Consent Resource front matter and some of the elements indicate that this resource is intended to support several use cases in addition to supporting these use cases in different healthcare verticals, e.g., medical treatment, research, and advance directives. However, there is no clear way in the model to differentiate the usage to which the consent content is intended to be used. There was some discussion about profiling this resource to support consent management and tracking. Such profiling would not be possible with the current model, and could be supported by the current model with the addition of a new node to indicating when the Consent content is not intended to convey a legally binding Consent Directive, where that would be considered the default usage. I.e., when the Consent content is a Consent Statement, which is not legally binding, yet contains sufficient content for determining and documenting Consent Directive compliance; or when the Consent content is used as more or less terse Consent Metadata to enable the registration, notification, and query/response transactions required to manage the Consent Directive and workflows impacted by the Consent Directive, such as assigning security labels to disclosed information or including security labels in e.g., orders, observations, claims, and ADT transactions for data segmentation and access control.

Summary:

Consent resource lacks the ability to clearly differentiate different uses of consent content