Privacy eSuite is the web-based ‘consent engine’ at the heart of our ability to manage and enforce consumer, organizational and jurisdictional privacy policies in a diverse EHR ecosystem. Our software is deployed in healthcare organizations, health information exchanges and regions both large and small.

Privacy eSuite consists of the following web services:

1. Consent Management Service – the CMS enables privacy policies to be administered and processed into computable access rules
2. Consent Validation Service – the CVS determines if a user’s access to a patient’s personal, protected health information (PHI) is appropriate based on the rules of the existing privacy policies
3. Universal Audit Repository – the UAR is the IHE ATNA-compliant central audit repository that tracks audit events related to updates, queries and access/attempted access to PHI.

Privacy eSuite supports ‘break-the-glass’ (override) access to PHI. 

The software enables granular, standards-based privacy policies applicable to:

• purpose of use – e.g. treatment, research, marketing
• information type – e.g. laboratory results, radiology exam, medication
• specific user(s) – e.g. roles, groups of users, facility
• PHI identifiers – e.g. category codes, classification codes