CSU Workgroup Team
A Top Priority for SOCI: Driving Progress on Consent
Stewards of Change Institute strongly believes that modernizing processes for providing informed consent – which are currently highly siloed and paper-based – is critically important for a variety of reasons. Those include enhancing efficiencies, lowering costs and improving outcomes, as well as empowering disadvantaged populations and remediating socioeconomic and racial disparities. As a consequence, we are conducting a variety of projects that explicitly aim to drive significant progress on consent. They include:
A scan of national, state and organizational initiatives in the U.S. that also focus on improving consent processes. It’s titled “Modernizing Consent to Advance Health and Equity.” In it, we’ve looked closely at the world of healthcare, because that’s where the most consent-related work is taking place; importantly, however, we’ve also gathering information about technical advances, legal issues and best/promising practices in other “social determinants” domains that impact everyone’s health and well-being (education, child welfare, etc.).The objective of this unprecedented effort, funded by the Robert Wood Johnson Foundation, is to better-understand what’s working, what’s not working, what best/promising practices are out there to build on, and where the holes are that need to be filled. We hope and believe that knowledge will accelerate progress broadly in many fields and at many levels; for instance, making consent more efficient and effective will enable better care coordination across the many services which millions of people in our country routinely receive, but which currently don’t “talk” effectively to each other for reasons including clunky, antiquated processes for obtaining people’s informed consent to securely share their personal information.As an integral part of this project, we organized three teams of subject-matter experts who provided their counsel/guidance, helped us review literature (studies, reports, websites, etc.), conduct interviews with additional experts and otherwise assist in the work involved. The three teams were Technical, Legal and Promising Practices. The report is being disseminated broadly, including publication on the NIC Hub of a “living” version that can be added to and amended over time so its content remains current and broadly useful for professionals across the country to learn from and further their own relevant work. To read or download the report, visit the SOCI website. If you have questions about this exciting project, please write to firstname.lastname@example.org.
- Development, testing and deployment of a game-changing new approach we’re calling Project Unify’s Consent Service Utility (CSU). Our aim is to create an open-source, open-data, open-API, open-standards based process for providing and/or revoking permission for the exchange of personal/private data across numerous health, healthcare and social services domains. We’re starting with pilot/test sites in New Jersey and New York that focus on young people in the child welfare system – or at risk of involvement in the system – and our intent is to begin scaling this effort throughout the U.S. within a year or so. If you’re interested in learning more or participating in this groundbreaking initiative, please write to email@example.com.
There are several components of our CUS project; here’s a brief glimpse of what they entail:
a. Consent Service Utility Business Requirements Specification. Heavily informed by the results of our National Consent Services Scan (see above), this work will define the business requirements for a National Consent Service Utility. These requirements should include at minimum:
• what information domains, and their legal requirements, should be supported by a Consent Utility Service (e.g. healthcare, behavioral health, education, child welfare, etc.);
• what types of data or system standards should be supported (e.g. CEDS/SIF/EdFi for education, FHIR/HL7 for healthcare, NIEM for justice, etc.);
• what types of requests and responses should be supported by the Utility (e.g. yes/no/yes-w-obligations, redaction, etc.);
• what levels of distribution or federation of consent services (e.g. only local, community-based, state-wide, regional, national).
b. National Consent Services Best Practices Specification - In the future, the Promising Practices section of National Consent Services Scan Report may be expanded upon to create a separate document that will provide operational guidance to National Consent Utility Services operators.
We’ve also formed several technology workgroups that are engage deeply in this effort; here’s a brief glimpse at what they’re up to:
a. Consent Service Technology Blueprint - Guided by the Consent Service Utility Business Requirements Specification, this technical implementers agreement will define how to use existing, developing, or potential new standards to implement a Consent Service Utility. This specification may include one or more examples of how to define privacy and consent assertions for specific information domains based on standard access control and business rules.
b. Open Source Consent Service Utility Implementation - In the future, if appropriate funding can be secured, Project Unify could implement an open source software implementation of a Consent Service Utility. This Utility could be specific to an individual community or be the foundation of a Nation-wide multi-domain Consent Service, depending on funding and funder's requirements.
- A new course, titled “Managing Privacy and Consent,” for our InterOptimability Training Curriculum and Certification (ITCC) program. This course, which is now open for registration, provides foundational knowledge designed to help any organization – public or private – better-understand, navigate and/or accelerate its interoperability efforts. More specifically, it offers your personnel the core competency they need to develop and manage projects that involve the sharing of private/sensitive data – notably including an understanding of when inter-agency data sharing is legally permissible or restricted, and how law and policy define the roles and responsibilities of the involved entities.
Our unique approach provides an overview and roadmap for managing privacy and consent across health and human services domains (ex., education, child welfare, justice and behavioral health) and within the parameters of varying federal and state laws and regulations. And that means the general understanding of core privacy and consent concepts contained in the course can be used to navigate the increasingly complex world of interoperability, whole-person care, consent management, the social determinants of health and well-being, and other critical elements of effective information-sharing efforts.
To learn more or to register for the course, go to https://stewardsofchange.org/interoptimability-training-curriculum-certification-itcc-program/. You and/or your organizational colleagues can also sign up there for the first ITCC course, if you haven’t taken it yet; titled “Understanding and Implementing InterOptimability,” it provides the core knowledge and tools for furthering your own interoperability and information-sharing efforts. Our upcoming third ITCC course, on Confidentiality and Security, is a “partner” to the new one on Privacy and Consent – and we’re developing more courses for the months and years ahead.