Learn About Consent Management
Learning Objectives
After completing this unit, you’ll be able to:
- Describe consent management and consent management.
- Understand the importance of consent management.
- Explain the regulations that protect customer’s data and privacy.
Before You Start
Before you start this module, consider completing the following recommended content.
The Green Light for Consent
Chances are that you’ve visited a website and gotten a prompt asking for your consent to collect data through cookies. If you clicked OK, you gave the website permission to collect your personal information and data viewing habits to help them understand and better predict your needs. This scenario sums up what online consent is all about.
But while organizations are bound by law to use certain information for certain purposes only, there is a risk of loss or misuse of customers’ personal data. This is where consent management comes in. Consent management is a system that helps you comply with the data protection and privacy regulations that apply to your company.
Data Protection and Privacy Regulations
Advances in technology have helped providers collect personal data, but this has also created challenges around protecting that data. To help address this issue, countries across the world created a number of regulations and frameworks that companies must follow.
These policies include the following:
- General Data Protection Regulation (GDPR), European Union
- California Consumer Privacy Act (CCPA), United States
- Personal Information Protection Act (PIPA), Japan
- Health Insurance Portability and Accountability Act (HIPAA), United States
- Personal Information Protection and Electronic Documents Act (PIPEDA), Canada
Data protection and privacy regulations require companies to keep individuals’ personal data secure and private. And the healthcare industry, with its access to extremely sensitive and personal data, is certainly no exception. Let’s look at what consent management looks like in the healthcare industry and how Salesforce can help.
Consent Management in Healthcare and Life Sciences
Consent management is a particularly big deal in healthcare. If you’ve been to a hospital, chances are you’ve been asked to sign a set of documents. Through these documents, you acknowledge and consent to the privacy rights of your protected health information so that the medical staff can proceed with the required plan of action.
From a healthcare provider’s perspective, consent management is of great importance as it helps them plan for the future. Providers can collect personal data and keep it on file so that they can access it in future if there’s ever a need to do so.
However, providers must respect customers’ wishes, especially when they request specific types or hours of contact or opt out of certain types of data-sharing.
Let’s review some common customer requests and what providers must consider.
Common customer request
|
Actions to take
|
Things to consider
|
---|---|---|
A patient wishes to be contacted only by email, not by phone or any other channel. |
Delete information in the Phone and Mobile fields for lead, account, and contact records. |
In those records, select Do Not Call. Ask your patient about which forms of communication they allow for patient care purposes, and retain the information specific to those forms. Consider deleting information related to the ways in which they prohibit contact. |
A participant in a drug trial wishes to stop participating. |
Set an expiration date for the participant’s consent. |
You won’t be able to delete some data, such as participant e-signatures, even when the consent that they certify is withdrawn. For example, participant data for some drug trials must be stored until a required retention period expires. |
How Consent Management Helps Patients
April Guthman works as a care coordinator for Bloomington Caregivers, a home health care agency in Bloomington, Minnesota, providing full-spectrum care for the elderly.
Her work includes keeping track of her patients’ health issues and suggesting healthcare programs that could help them. One such long-term patient is Charles Green. April knows that Charles has been suffering from lower back pain. He would be a perfect fit for the GoodHealth Pain Management program that is part of the StayHealthy Hospital. But enrolling him in this program requires Charles’ signature on a consent form along with a few other details. And before he does that, Charles needs to confirm his identity by providing valid identification.
How does this consent authorization help Charles? By filling out the consent form associated with the back pain care program, Charles has control over what information he wants to share, how long this information can be stored, and who it’s shared with. He also can go back and check the forms that he gave his consent to. Charles also has control over who can manage his healthcare information and how it’s being used.
For April to get the consent form for the back pain program in place, she needs the help of Harryette Randall, the office manager and Salesforce admin for Bloomington Caregivers. Harryette must set up certain permissions and licenses and make existing consent forms available for the care program enrollment process. See how she does this in the next unit.
Resources
-
Salesforce Help: Consent Management for Health Cloud
-
Salesforce Help: Data Protection and Privacy
-
Salesforce Help: Consent Management: Track Customer Consent and Honor Opt-Out Requests