Privacy Architecture

SanteDB's Policy Access Control components can be used to enable basic data privacy controls on data stored within the SanteDB solution. SanteDB allows objects such as Entities, Acts and identifiers to be tagged with one or more policies which apply to that particular object.

Privacy Enforcement Service

Whenever an Entity, Act or Assigning Authority (identity domain) is tagged with an access policy (such as the one described in Adding Security Policy based on Occupation), the configured Privacy Enforcement Service is called to validate access to the record and to apply any actions to the outgoing (or incoming) data.

Entity/Act Disclosure

The disclosure validation in the enforcement service compares the current security principal's effective policy set against the policies tagged on the record and takes the appropriate action (based on configuration) when disclosing the record. The actions which may be taken on objects such as Entities (Person, Patient, Organization, Place, etc.) or Acts (Substance Administrations, Tests, etc.) are:

Identity Disclosure

In addition to entire objects like patients, immunizations, procedures, etc. carrying privacy policies, it is possible to flag identity domains with access/disclosure policies. These policies are enforced on both disclosure and on write, meaning that reading and editing/inserting identities in protected domains is restricted to only principals with appropriate access permissions.
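The two enforcement points described above (object-level disclosure and identity-domain protection on both read and write) are modelled in the following added example. This is illustrative code written for this page, not SanteDB's API: the policy names, the domain-to-policy mapping, the "hide the object" and "strip the identifier" actions, and the sample records are all constructed assumptions.

```python
"""Toy model of policy-tagged disclosure and identity-domain enforcement.
Illustrative only, not SanteDB's own API: policy names, actions and the
sample records below are constructed for the example."""
from dataclasses import dataclass, field


@dataclass
class Principal:
    name: str
    granted: frozenset                       # effective policy set held by the principal


@dataclass
class Record:
    kind: str                                # "Patient", "SubstanceAdministration", ...
    policies: frozenset = frozenset()        # policies tagged on the object itself
    identifiers: dict = field(default_factory=dict)  # identity domain -> identifier value


# Hypothetical mapping: identity domain -> policy that protects it.
PROTECTED_DOMAINS = {"HIV_PROGRAM_ID": "ACCESS_HIV_PROGRAM"}


def disclose(record, principal):
    """Return the record as the principal may see it, or None if it must be hidden."""
    if record.policies - principal.granted:
        return None                          # assumed action: hide the whole object
    # Identity-level check: drop identifiers from domains the principal cannot read.
    visible = {dom: val for dom, val in record.identifiers.items()
               if PROTECTED_DOMAINS.get(dom) in (None, *principal.granted)}
    return Record(record.kind, record.policies, visible)


def validate_write(record, principal):
    """Reject an insert/update carrying identifiers in a protected domain without a grant."""
    denied = [dom for dom in record.identifiers
              if PROTECTED_DOMAINS.get(dom) not in (None, *principal.granted)]
    return (len(denied) == 0, denied)


# Constructed sample principals and records.
clerk = Principal("clerk", frozenset({"READ_CLINICAL_DATA"}))
hiv_nurse = Principal("hiv_nurse", frozenset({"READ_CLINICAL_DATA", "ACCESS_HIV_PROGRAM"}))
patient = Record("Patient", frozenset({"READ_CLINICAL_DATA"}),
                 {"NATIONAL_ID": "000-111", "HIV_PROGRAM_ID": "HP-42"})
hiv_visit = Record("SubstanceAdministration", frozenset({"ACCESS_HIV_PROGRAM"}))
```

The clerk sees the patient record with the protected identifier stripped and cannot write it back, while the HIV-program nurse sees and writes both identifiers and is the only one of the two who can see the tagged visit at all.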
