Privacy Manager

Point of service software application

Enforces patient/consumer, organizational and jurisdictional privacy policies

Integrates with clinical application architecture via HL7 CCOW or simple application interface (API) to allow or deny access to PHI, or allow only through override (‘break the glass’)

Issues IHE ATNA audit messages (e.g. of ‘break the glass’ access to PHI) to the audit service for potential breach reporting

Supports OASIS XACML