The Reimagined Trailblazer Community is Here! Learn More.

Learn About Consent Management for Health Cloud

Learning Objectives

After completing this unit, you’ll be able to:

  • Describe consent management and consent management in Health Cloud.
  • Understand the importance of consent management.
  • Explain the regulations that protect customer’s data and privacy.

Chances are that you’ve visited a website and gotten a prompt asking for your consent to collect data through cookies. If you clicked OK, you gave the website permission to collect your personal information and data viewing habits to help them understand and better predict your needs. This scenario sums up what online consent is all about. 

But while organizations are bound by law to use certain information for certain purposes only, there is a risk of loss or misuse of customers’ personal data. This is where consent management comes in. Consent management is a system that helps you comply with the data protection and privacy regulations that apply to your company. 

Data Protection and Privacy Regulations

Advances in technology have helped providers collect personal data, but this has also created challenges around protecting that data. To help address this issue, countries across the world created policies. 

These are a few regulations that are important to many companies collecting and processing their customers’ data around the world.

  • General Data Protection Regulation (GDPR), European Union
  • California Consumer Privacy Act (CCPA), United States
  • Personal Information Protection Act (PIPA), Japan
  • Health Insurance Portability and Accountability Act (HIPAA), United States
  • Personal Information Protection and Electronic Documents Act (PIPEDA), Canada

Data protection and privacy regulations require companies to keep individuals’ personal data secure and private, and this certainly includes the healthcare industry. Let’s look at what consent management looks like in the healthcare industry and how Health Cloud can help.

Consent management is a big deal in healthcare. If you’ve been to a hospital, chances are you’ve been asked to sign a set of documents that require certain information about your health. Through these documents you acknowledge and consent to the privacy rights of your protected health information so that the medical staff can proceed with the required plan of action.

From a healthcare provider’s point of view, consent management is of great importance as it helps them plan for the future. Provider’s can collect personal data and keep it on file so that they can access it in future in case there’s ever a need to do so.

However, providers must respect customers’ wishes especially when they request only specific types or hours of contact or opt out of certain types of data-sharing.

Let’s review some common customer requests and what providers must consider.

Common customer request 

Actions to take

Things to consider

A patient wishes to be contacted only by email, not by phone or any other channel.

Delete information in the Phone and Mobile fields for lead, account, and contact records.

In those records, select Do Not Call.

Ask your patient about which forms of communication they allow for patient care purposes, and retain the information specific to those forms. Consider deleting information related to the ways in which they prohibit contact.

A participant in a drug trial wishes to stop participating.

Set an expiration date for the participant’s consent.

You won’t be able to delete some data, such as participant e-signatures, even when the consent that they certify is withdrawn. For example, participant data for some drug trials must be stored until a required retention period expires.

April Guthman works as a care coordinator for Bloomington Caregivers, a home health care agency in Bloomington, Minnesota, providing full-spectrum care for the elderly.

April Guthman tells patient Charles Green about the consent forms.

Her work includes keeping track of her patients’ health issues and suggesting healthcare programs that could help them. One such long-term patient is Charles Green. April knows that Charles has been suffering from lower back pain. He would be a perfect fit for the GoodHealth Pain Management program that is part of the StayHealthy Hospital. But enrolling him in this program requires Charles’ signature on a consent form along with a few other details. And before he does that, Charles needs to confirm his identity by providing any form of identification.

How does it help him? By filling out the consent form associated with the back pain care program, Charles has control over what information he wants to share, how long this information can be stored, and who it’s shared with. He also can go back and check the forms that he gave his consent to. Charles also has control over who can manage his healthcare information and how it’s being used. 

For April to be able to get the consent form for the back pain program in place, she needs the help of Harryette Randall, the office manager and Salesforce admin for Bloomington Caregivers. Harryette has to set up certain permissions and licenses and make existing consent forms available for the care program enrolment process. See how she does this in the next unit. 


Keep learning for
Sign up for an account to continue.
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities