Request:
As the old payer in a business to business payer data exchange scenario, I want the consent record that the new payer provides in the $member-match input to require the new payer is identified/captured/included so when I (as old payer) write the consent record to my FHIR server, I have traceability as to the payer that created the consent record initially.

---------------------------------------------
Zulip discussion:
Per Brett Atwood (IBM Watson Health) 1/31/22:
If I'm the old/prior payer and I want to write (to my FHIR server) the consent resource that the new payer provided in the $member-match input, what attribute in the consent resource identifies who that new payer is? I think the new payer is intended to be represented in the organization reference identifying the new payer as the 'Custodian of the consent' but (1) that element is not required and (2) if it is populated with a reference, as old payer I have no way to resolve that reference, e.g. it's a meaningless link. How can the old/prior payer be confident that the consent resource captures the identity of the new payer - or can't they?

Per Lloyd McKenzie 1/31/22:
You're right. There should be a slice in the Consent that captures the data source authorized to disclose, not just the information recipient they're allowed to disclose to. Can you submit a change request?