Skip to main content

Consent Service FAQ

This article answers common questions about the LifeOmic Platform consent feature. For additional documentation, see Consent.

LifeOmic Consent Service is a managed electronic consent platform that allows users to be a participant in a research study or a user-survey. They can also use it to collaborate with their clinical support team.

Users are invited and presented with a consent form. This form aids their comprehension about the project, streamlines data collection for the project, and provides traceability to project administrators.

An example of this streamlined process is bringing in wearable data from various manufacturers after a user consent has been accepted.

Each Project within an Account can have one informed consent document associated with it. Projects, with the data they will eventually store, are the focal point for a specific study. A Project must select if it will be FDA 21 CFR Part 11 compliant upon creation.

In projects with a consent document, the subject will accept the invitation, then agree to the published consent document to gain access to the surveys or data associated with the project.

A Project may be created within an Account to collect an informed consent from subjects and nothing else, as the LifeOmic Platform is FDA 21 CFR Part 11 compliant.

Does this comply with FDA 21 CFR Part 11 from the FDA?

Correct, the LifeOmic Platform has certified the platform in this process.

Per FDA 21 CFR Part 11, a user may accept a consent form using two distinct identification components with their username and password credential. This username and password has been validated via an email confirmation during the invitation and registration process.

Can I collect a finger signature rather than forcing users to re-enter a username and password for FDA 21 CFR Part 11 compliance?

The LifeOmic Platform does not currently allow the option to collect finger signatures. It's important to note that a finger signature alone would not satisfy the FDA 21 CFR Part 11 requirement for identifying an individual upon document acceptance, and that individual would still be required to re-enter a username and password to accept the consent document.

Based on the requirement within Subpart B, Section 11.10 and Section 11.50 of the FDA 21 CFR Part 11 document, if signed electronic records are collected via a closed system and contain information associated with the signing that clearly indicates the name of the signer, the date and time when the signature was executed, and meaning (such as review, approval, responsibility, or authorship) associated with the signature, those collected signatures are FDA compliant. Authorship cannot be verified via a finger signature because there's no way to prove that individual is who actually signed the document. A username and password entry in a closed system or biometric data verification are the only accepted electronic forms of verification for FDA compliance.

The consent document format is markdown. Markdown allows for rich formatting and inclusion of media.

When drafting a consent form, the LifeOmic Platform Web App provides a rich text editor with various formatting options.

Signed consents are rendered to PDF and are configured with a 1000 year object lock when stored for record retainment.

These records are backed up into a different region.

Consent forms may be versioned in two ways:

  1. Minor versions - For minor revisions that don't require all participants to re-consent, you can publish a new Minor Version.

  2. Major versions - Important revisions to an existing Consent Form (e.g., change in terms) should be published as a major version. Then the Project's users will be assigned this new consent version to agree to.

When terms of consent are updated (major version changes), the Project's users will be assigned the new consent to agree to. If the user revokes the new consent terms, their access to the project will be removed. All previous versions of the consent form including the User responses will be kept.

See the Editing Consent user-guide for more information.

The consent process begins with the Project administrator inviting a user by email address to the Project.

A user must confirm he or she owns the email address that was invited by entering a confirmation code separately sent to the invited email address during registration.

When a user is invited to a Project, they will receive an email invitation to the Project.

Then the Consent form may be answered with a web browser (desktop or mobile) or inside the patient engagement mobile app.

A user receives the signed PDF document of the consent form at their email address.

A user may revoke their consent at any time. This revocation process causes the user to lose access to the Project.

When a user consents, how is that user's data organized and made available?

User data is organized under a subject record inside the Project. The user's data becomes available in a reasonable amount of time.

How quickly is a consented project updated when a user has new records?

The user's data becomes available in a reasonable amount of time.

How are consents managed for a project?

A project admin can see a consent dashboard of users in a Project who have accepted consent, are pending consent, or who have rejected consent. This listing also allows for users to be removed from the project when necessary.

This dashboard also allows for inviting new users to the project and making new versions of the consent form.

One can think of a Consent Form as being a type of Survey associated with a legal binding. The following FHIR resources persist the Consent Forms, Responses, and Consent Directives:

Questionnaire - This resource defines the Consent Form.

QuestionnaireResponse - This resource stores a user's response to a Consent Form.

Consent - This resource represents the Consent Directive and serves as the legal record of a user's opt-in or opt-out to terms presented in a consent form. It contains information such as when the response was provided and the valid time frames. It also references the QuestionnaireResponse that was completed by the user. In addition, it contains the user name of the user who filled out the consent form and their role (consenter or delegatee).

Provenance - This resource represents the execution of the Consent Directive. It references the Consent resource that was signed by the user. The provenance resource will contain a cryptographically signed JWT containing the terms of the consent and all metadata.

Consent - The record of a healthcare consumer's policy choices. Consent permits or denies identified recipient(s) or recipient role(s) to perform one or more actions within a given policy context, for specific purposes and periods of time.

Consent Directive - The legal record of a healthcare consumer's agreement with a party responsible for enforcing the consumer's choices. A Consent Directive permits or denies identified actors or roles to perform actions affecting the consumer within a given context for specific purposes and periods of time

Consent Form - Human readable consent content describing one or more actions impacting the grantor for which the grantee would be authorized or prohibited from performing. It includes the terms, rules, and conditions pertaining to the authorization or restrictions, such as effective time, applicability or scope, purposes of use, obligations and prohibitions to which the grantee must comply. Once a Consent Form is "executed" by means required by policy, such as verbal agreement, wet signature, or electronic/digital signature, it becomes a legally binding Consent Directive.