🏠 Overview 🧩 Components 🧩 ConsentService

ConsentService

Component Detail

Service Layer medium complexity backend
0
Dependencies
0
Dependents
2
Entities
0
Integrations

Description

Orchestrates the progressive consent workflow by determining which consent steps are required before a peer mentor may access a given assignment's data categories. It retrieves the current consent text version, evaluates whether prior consent already covers the requested access, and persists new consent records with timestamps. Supports the manual fallback path by recording offline or paper-based consent events.

Feature: Progressive Digital Consent

consent-service

Sources & reasoning

Line 101 explicitly calls out gradual digitization of mandates (fullmakter) and medical summaries with a manual fallback, which maps directly to progressive consent. Line 94 establishes that epikrise (medical summaries) are transmitted-a category requiring explicit GDPR consent. The area sits in Fase 2 per line 153, normalising to v1.0. Consent is a legal prerequisite for the encrypted-assignment-dispatch feature and cannot be deferred.

  • docs/source/likeperson.md · line 101
    Gradvis digitalisering av fullmakter og epikriser med manuelt fallback.
  • docs/source/likeperson.md · line 94
    Kryptert oppdragshåndtering: Sende sensitive personopplysninger (navn, adresse, epikrise) til likepersoner med leveringsbekreftelse og lesebekreftelse.
  • docs/source/likeperson.md · line 153
    Kryptert oppdragshåndtering | - | - | ✓ | - | ✓ | MUST (Blindeforbundet) | 2

Responsibilities

  • Determine required consent steps based on the data categories in an assignment
  • Check existing consent records to avoid redundant prompts for already-consented categories
  • Retrieve the active consent text version for each data category
  • Persist consent decisions server-side with timestamp and consent text version reference
  • Record manual fallback consent events with appropriate metadata

Interfaces

getRequiredConsentSteps(assignmentId: string, mentorId: string): ConsentStep[]
hasValidConsent(mentorId: string, dataCategory: DataCategory, textVersion: string): boolean
recordConsent(mentorId: string, assignmentId: string, dataCategory: DataCategory, textVersion: string): ConsentRecord
recordManualConsent(mentorId: string, assignmentId: string, note: string): ConsentRecord
getConsentHistory(mentorId: string, assignmentId: string): ConsentRecord[]

Related Data Entities (2)

Data entities managed by this component

Assignment 25 fields core Assignment Consent 17 fields core