> ## Documentation Index > Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt > Use this file to discover all available pages before exploring further. # Electronic Consent & Redisclosure Tracking — Admin Guide > Feature: CL-11-EN-01 Module: Clinical (CL) Audience: Organization Administrators, Compliance Officers **Feature:** CL-11-EN-01\ **Module:** Clinical (CL)\ **Audience:** Organization Administrators, Compliance Officers *** ## Overview The Electronic Consent module enables your organization to capture, manage, and track patient consents for sharing substance use disorder (SUD) treatment records under 42 CFR Part 2. It provides: * **Electronic consent capture** with typed e-signature * **Granular consent categories** (treatment, payment, operations, providers, research) * **Consent lifecycle management** (active, expired, revoked) * **Expiration alerts** at 30, 14, and 7 days before expiration * **Redisclosure audit trail** — immutable log of all record disclosures * **Compliance dashboard** with aggregate statistics *** ## Accessing the Feature Navigate to **Clinical → Electronic Consents** (`/cl/electronic-consents`). **Required permission:** `cl.electronic-consent.view` *** ## Permissions | Action | Permission Key | Default Roles | | ------------------------- | ------------------------------ | -------------------------- | | View consents | `cl.electronic-consent.view` | org\_admin, manager, staff | | Create consents | `cl.electronic-consent.create` | org\_admin, manager, staff | | Revoke consents | `cl.electronic-consent.revoke` | org\_admin | | View redisclosure log | `cl.redisclosure-log.view` | org\_admin, manager, staff | | Record disclosures | `cl.redisclosure-log.create` | org\_admin, manager, staff | | View compliance dashboard | `cl.compliance_report.view` | org\_admin | To modify role assignments, go to **Settings → Permissions**. *** ## Creating a Consent 1. Click **New Consent** on the Consents tab 2. Enter the patient ID 3. Select consent categories (at least one required): * **Treatment** — sharing for treatment purposes * **Payment** — sharing for payment/billing * **Operations** — sharing for healthcare operations * **Providers** — sharing with specific providers * **Research** — sharing for research purposes 4. Set the effective date and optional expiration date 5. Complete the e-signature: * Type the signer's full legal name * Review and confirm the attestation statement 6. Click **Sign and Activate** to create an active consent, or **Save Draft** to save without signing *** ## Revoking a Consent 1. Find the consent in the Consents tab 2. Click the revoke action (requires `cl.electronic-consent.revoke` permission) 3. Review the irreversibility warning 4. Confirm revocation **Important:** Revocation is permanent and cannot be undone. Once revoked, no new disclosures can be recorded against this consent. *** ## Recording a Disclosure 1. Navigate to the **Redisclosure Audit** tab 2. Click **Record Disclosure** 3. Select the active consent authorizing the disclosure 4. Enter: * **Recipient** — who is receiving the records * **Purpose** — why records are being shared * **Records disclosed** — types of records shared 5. Review the 42 CFR Part 2 prohibition-on-redisclosure notice preview 6. Click **Record Disclosure** The disclosure is permanently logged and cannot be edited or deleted. *** ## Expiration Alerts The system tracks consent expiration dates and provides visual alerts: | Days Until Expiration | Status | Indicator | | --------------------- | ------- | ---------------- | | > 30 days | OK | No alert | | 14–30 days | Warning | Yellow indicator | | 7–14 days | Urgent | Orange indicator | | ≤ 7 days or past | Expired | Red indicator | Use the **Expiring Soon** filter on the Consents tab to view consents approaching expiration. *** ## Compliance Dashboard The Part 2 Compliance Dashboard (`/cl/compliance/part2`) shows aggregate statistics: * **SUD Charts** — total charts with SUD-flagged records * **Active Consents** — current Part 2 consents on file * **Consent Coverage** — percentage of SUD charts with active consent * **Disclosures** — total disclosure log entries * **Redisclosures** — disclosures with redisclosure flag **No patient identifiers are displayed** on this dashboard, consistent with 42 CFR Part 2 requirements. *** ## Audit Trail All consent and disclosure actions are tracked: * Consent creation (who, when, categories, signature) * Consent revocation (who, when) * Disclosure recording (who, when, to whom, what, why) The redisclosure log is **append-only** — entries cannot be modified or deleted by any user, including administrators. This ensures chain-of-custody integrity for regulatory compliance. *** ## Troubleshooting | Issue | Resolution | | -------------------------- | ---------------------------------------------------------------------------------- | | Cannot create consent | Verify `cl.electronic-consent.create` permission is assigned | | Cannot revoke consent | Only `org_admin` role has revoke permission by default | | Cannot record disclosure | Ensure consent is in `active` status; expired/revoked consents cannot be used | | Compliance dashboard empty | Verify `cl.compliance_report.view` permission; data is scoped to your organization | *** ## References * [42 CFR Part 2 Final Rule](https://www.hhs.gov/hipaa/part-2/index.html) * [42 CFR Part 2 Fact Sheet](https://www.hhs.gov/hipaa/for-professionals/regulatory-initiatives/fact-sheet-42-cfr-part-2-final-rule/index.html)