ConsentService
Component Detail
Service Layer
medium complexity
backend
0
Dependencies
0
Dependents
2
Entities
0
Integrations
Description
Orchestrates the consent capture lifecycle, determining when consent is required and routing to digital or manual fallback paths. Ensures consent records are immutable and timestamped, and enforces progressive prompting logic so mentors are only prompted once per new sensitive assignment type.
consent-service
Sources & reasoning
Line 101 calls for gradual digitalization of powers of attorney and medical records with manual fallback - the consent layer required for encrypted sensitive data handling. Combined with the dispatch requirement (line 94), this fulfills GDPR obligations for peer mentors receiving sensitive assignments. Part of the Phase 2 encrypted-assignments area, mapped to target_release v1.0.
-
docs/source/likeperson.md · line 101- Gradvis digitalisering av fullmakter og epikriser med manuelt fallback.
-
docs/source/likeperson.md · line 94- **Kryptert oppdragshåndtering:** Sende sensitive personopplysninger (navn, adresse, epikrise) til likepersoner med leveringsbekreftelse og lesebekreftelse.
Responsibilities
- Evaluate whether a peer mentor has already consented for a given assignment type
- Create immutable, timestamped consent records upon digital confirmation
- Coordinate manual fallback consent registration and audit trail creation
- Enforce progressive prompting rules to avoid redundant consent requests
- Validate consent payload integrity before persistence
Interfaces
requiresConsent(mentorId: string, assignmentTypeId: string): Promise<boolean>
recordDigitalConsent(mentorId: string, payload: ConsentPayload): Promise<ConsentRecord>
registerManualFallback(mentorId: string, assignmentId: string, metadata: ManualConsentMeta): Promise<ConsentRecord>
getConsentHistory(mentorId: string): Promise<ConsentRecord[]>
Related Data Entities (2)
Data entities managed by this component