The system SHOULD provide the ability to manage Consents and Authorizations from a Personal Health Record according to scope of practice, organizational policy, and/or jurisdictional law.

The system SHOULD provide the ability to render the identity and relationship (e.g., Dr. Smith, primary care physician or Jane Doe, sister-in-law) of the person(s) for which the Consent or Authorization applies.

The system SHOULD provide the ability to manage access control to the patient's information as specified by the Consent or Authorization according to scope of practice, organizational policy, and/or jurisdictional law.

The system SHOULD provide the ability to manage access control for the section(s) of the patient's record to which the Consent or Authorizations applies according to scope of practice, organizational policy, and/or jurisdictional law.

The system MAY provide the ability to manage access control for individual elements of records to which the Consent or Authorization applies according to scope of practice, organizational policy, and/or jurisdictional law.

The system MAY provide the ability to manage access control for the time period within which the Consent or Authorization applies according to scope of practice, organizational policy, and/or jurisdictional law.

The system MAY provide the ability to render Consents and Authorizations.