Consent and Patient Rights | OpesCare
EN | FR
Sign In Create Health ID
Consent-First by Design

You stay in control of your health information.

OpesCare uses a consent-first model. By default your medical records are private and inaccessible until you explicitly authorise access. Every request, approval, and access event is logged and available to you.

Get Your Health ID Security Architecture

The four pillars of patient data control

Every access request flows through these layers before any information is shared.

Consent Requests

When a healthcare provider needs access to your records, they submit a structured consent request showing who is asking, why they need the information, exactly what they want to see, and how long the access will last.

Scoped Access

Providers receive only the specific information needed for their role and purpose. A pharmacy does not automatically see your full diagnosis history. A lab receives only what is required to process the order.

Access Logs

Every time your record is accessed, you can see which facility or role made the request, the timestamp, the stated purpose, and which specific data was retrieved.

Revocation

You can revoke access for any approved provider where policy allows. Once revoked, that facility can no longer pull your records without submitting a new consent request.

How a consent request works

A step-by-step view of the consent workflow from provider request to access.

1

Provider Submits Request

A doctor or facility requests access, specifying purpose, scope, and duration.

2

Patient Is Notified

You receive a notification showing all details of who is asking and why.

3

You Approve or Deny

You decide whether to approve, deny, or approve with modified scope.

4

Access Is Granted

If approved, the provider pulls only the consented information — nothing more.

5

Access Is Logged

A full audit entry is recorded, visible to you and your care team.

6

You Can Revoke

At any time you can revoke active consent from your patient timeline.

Emergency Access

Emergency access when every second matters — with full accountability.

In a life-threatening emergency where you cannot provide consent, an approved provider may access a limited emergency profile. This action is never silent.

  • Emergency access triggers an immediate high-priority audit alert.
  • The provider must state a documented clinical reason before access is granted.
  • Compliance officers and facility admins are notified automatically.
  • Only a limited emergency profile is accessible — not your full history.
Emergency Profile
Patient Identity
Full Name & Blood Group
Critical Allergies
Penicillin — Contraindicated
Active Chronic Conditions
Type 2 Diabetes, Hypertension
Emergency access logged — Compliance notified

Your rights under OpesCare

These rights apply to every patient registered on the platform.

Right to Know

See who has requested or accessed your records, when, why, and what data was retrieved.

Right to Refuse

Deny any non-emergency access request from any provider at any time.

Right to Revoke

Remove previously granted access where policy and regulations allow.

Right to Review

Access your own complete medical timeline and consent history at any time.

Right to Correct

Request corrections to your identity information if it is inaccurate.

Right to Support

Contact our privacy team at privacy@opeshealthsystems.com for any data concern.

Ready to take control of your health records?

Register for a free OpesCare Health ID and manage your medical information across every facility you visit.

Get Your Health ID Privacy Policy