Privacy & Consent Management

SHIIP supports the use of consent directives to control access to patient profiles. Users with access to SHIIP’s consent management tool can apply and manage individual consent directives.

  • Users can apply consent directives on behalf of their organization.
  • Users can apply consent directives in two different levels: Patient or Visit.
  • Users are allowed directive overrides that can apply to an entire organization or a specific user, if a patient’s profile must be opened, such as during a life-threatening situation. These overrides have a set expiration day and time.

The Audit Tool

For those in a privacy officer role, SHIIP designed an audit tool to help healthcare organizations to identify vulnerabilities and potential risks. The tool tracks a variety of activity, threats, and information in SHIIP, and to ensure that they are in compliance with relevant regulations and standards.

SHIIP offers five different audit reports currently. Each report is exportable into a .csv (usable in Microsoft Excel) format.

  • The User Login Summary Report
  • The User/Patient Activity Report
  • The Privacy Training Report
  • The Suspected Breach Report
  • The Auditing Summary Report