New Consent Management in WSO2 Open Healthcare Solution Simplifies Compliance with US Mandates for Giving Patients Control Over Their Data

WSO2’s comprehensive, easy-to-deploy Consent Management speeds CMS and ONC compliance via FHIR APIs and puts the power of consent in the hands of healthcare consumers

Mountain View, CA, Feb. 16, 2021 (GLOBE NEWSWIRE) — Healthcare organizations collect and share individually identifiable patient healthcare information every day. In 2021, United States regulators are requiring that these enterprises not only protect this data but also put the power of consent into the hands of patients through the use of Fast Healthcare Interoperability Resources (FHIR) APIs. WSO2 is addressing this challenge today with the launch of new Consent Management functionality in WSO2 Open Healthcare.

WSO2’s Consent Management is a trusted, flexible, out-of-the-box solution and portal for gaining consent in a manner consistent with current regulatory requirements—enabling organizations to quickly meet FHIR compliance standards. Available with the latest release of WSO2 Open Healthcare, the comprehensive functionality provides an ongoing process for provisioning, requesting, collecting, enforcing and logging activity related to patient or member data acquisition and management during the lifetime of the relationship.

Now with WSO2’s Consent Management functionality:

  • Healthcare organizations working with Medicare and Medicaid can exchange health information and claims data, as well as share this data with patients electronically and securely via an API. This ensures healthcare organizations comply with the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS) mandates—and avoid potential penalties of up to $1 million per violation.
  • Individual healthcare consumers have the power to control access to health information—effectively coordinating care for themselves and for those whose care responsibility they have been granted, such as children or parents.
  • Third-party app developers can enable personalized privacy by assigning consent policies to apps—for example, those running on healthcare consumers’ personal fitness devices or healthcare professionals’ medical diagnostics systems.

In support of the introduction, WSO2 will conduct a webinar that examines the ONC and CMS consent management requirements US healthcare organizations need to meet in 2021 and how WSO2 Open Healthcare with Consent Management can help to fast track their efforts. The session will be held February 24, 2021 at 8:00 a.m. PST / 4:00 p.m. GMT. To learn more, visit

“The pandemic has served to accelerate the move toward digitally-enabled health and wellness services among healthcare organizations and consumers, alike. In this context, failure to give patients control over access to their data is a costly mistake, both in terms of potential fines and lost customers,” said WSO2 Vice President of Solutions Architecture Mifan Careem. “With the new FHIR-compliant Consent Management functionality in our WSO2 Open Healthcare solution, we’re lowering the technology barriers to managing consent. Now healthcare organizations can streamline their compliance in 2021 and focus on the digital innovation that will fuel their future growth.”

Cutting the Complexity from Consent Management
The new Consent Management functionality extends the capabilities of WSO2 Open Healthcare, the purpose-built solution for healthcare payers and insurers, healthcare providers, hospital networks, pharmacy benefit managers, healthcare organizations, and others serving the healthcare market. The interoperability solution goes beyond basic healthcare accelerators to provide healthcare organizations with the foundation for implementing a comprehensive digital API strategy. It also integrates securely with electronic medical records (EMR) systems, health databases, and software-as-a-service (SaaS) applications.

WSO2’s Consent Management feature captures a record of healthcare patients and healthcare insurance members policy choices, which permits or denies identified recipient(s) or applications access to individually identifiable health information (IIHI) and personally identifiable information (PII), for specific consent purposes and periods of time. Using the functionality, an organization’s administrators can define any custom consent purpose that can be used on FHIR resources suited to their business objectives. Additionally, since the Consent Management feature is built on top of WSO2’s customer identity and access management (CIAM) platform, healthcare organizations can use the same platform to build out a CIAM strategy for their digital healthcare stakeholders.

The Consent Management functionality in WSO2 Open Healthcare incorporates four key functions:

  • Consent administration is used to register the consent purposes in the open healthcare server and define consent policies through a healthcare administrator portal. It also lets administrators filter shared data with third-party applications based on the patient consent and record patient consent-related activity.
  • Consent requisition lets application developers create an app in the open healthcare developer portal and select the consent purposes for the applications that are requested by the app’s users.
  • Consent collection is used to capture patient and member consent when sharing data through a third-party application, whether it is captured directly in the app or via the built-in self-care portal.
  • Consent enforcement processes consents for users and enforces consent decisions on the response shared with a third-party application.

Leveraging years of healthcare industry implementation expertise, WSO2 Open Healthcare featuring Consent Management is built on WSO2’s market-leading API management, integration, and customer identity and access management (CIAM) platforms.

WSO2 Open Healthcare featuring FHIR-Compliant Consent Management is available today as a cloud-based, on-premises or hybrid solution to maximize flexibility. It is available as a turnkey service on the cloud with pre-built APIs and connectivity. It can also be deployed as a software download that runs directly on servers or as a hybrid deployment, on top of a private platform as a service (PaaS), or on top of infrastructure as a service (IaaS). Customers also can choose to have WSO2 host the software through WSO2 Managed Cloud hosted services as a dedicated deployment. Organizations can learn more about features, functionality, pricing, and how to set up a test solution; schedule a demo with a healthcare solution architect; or sign up for a free tenant by visiting

About WSO2
Founded in 2005, WSO2 enables the composable enterprise. Our open source, API-first, and decentralized approach helps developers and architects to be more productive and rapidly build digital products to meet demand. Customers choose us for our broad, integrated platform, approach to open source, and digital transformation methodology. The company’s hybrid platform for developing, reusing, running, and managing integrations prevents lock-in through open source software that runs on-premises or in the cloud. With offices in Australia, Brazil, Germany, Sri Lanka, the UK, and the US, WSO2 employs over 700 engineers, consultants, and professionals worldwide. Today, hundreds of leading brands and thousands of global projects execute over 6.2 trillion transactions annually using WSO2 integration technologies. Visit to learn more. Follow WSO2 on LinkedIn and Twitter

Trademarks and registered trademarks are the properties of their respective owners.

CONTACT: Molly Ryner
Lewis Global Communications for WSO2

error: Content is protected !!