Skip to main content

Visibility & consent

What it does

This area governs which records a user can see for the people in the system — going beyond job-based roles to respect consent, visibility settings, and specific access grants. It's how the platform makes sure sensitive information is shared only with those who should see it.

Where to find it

Much of this lives on a person's own record under People (/people/[personId]):

  • Visibility/people/[personId]/visibility
  • Consents/people/[personId]/consents
  • Access grants/people/[personId]/access-grants

Related identity documents are under Health cards (/identity-access/health-cards).

📸 Screenshot: a person's visibility & consent settings (identity-visibility).

Common tasks

See who can access a person's record

Open the person, then Visibility / Access grants, to review who can see them and why.

Open the person's Consents and add or update a consent — for example permission to share information for a specific purpose. The platform honors it when deciding what others can see.

Grant specific access

Use Access grants to allow a particular user or team to see a record they wouldn't otherwise — useful for referrals or shared care. Grants can be time-limited.

Tips & limitations

  • These rules combine with roles & permissions: a user must pass both the role check and the visibility/consent check to see a record.
  • Emergency ("break-glass") access, where available, requires a reason and is always recorded for review.
  • Because access is filtered per user, search results legitimately differ from person to person.