• HL7 FHIR Consent enables interoperable representation of healthcare consent.
• Cross-organisational consent governance faces lifecycle and auditability gaps.
• Distributed environments require verifiable consent lifecycle management.
• Cryptographic integrity anchoring strengthens trust without altering FHIR semantics.

To assess whether HL7 FHIR Consent, as currently specified and deployed, is sufficient to support verifiable, regulation-aligned consent governance in distributed and cross-organisational health data sharing.

We conducted a qualitative critical analysis of FHIR Consent informed by (i) peer-reviewed implementation literature, (ii) national-scale consent exchange initiatives, and (iii) accountability requirements under GDPR and the European Health Data Space (EHDS). The analysis is organized into four dimensions: semantic interpretability, consent lifecycle management, runtime enforcement, and cross-organisational trust/auditability.

FHIR Consent provides an interoperable representation of authorisation intent, but large-scale deployments remain limited by (1) non-canonical semantics across implementations, (2) lack of standardized lifecycle versioning and cross-organisational revocation propagation, (3) heterogeneous translation of declarative consent into enforceable access control, and (4) limited capability for independent verification of consent provenance and historical integrity across institutional boundaries.

We derive an architecture pattern that separates (a) standards-based consent representation (FHIR Consent), (b) local policy interpretation/enforcement, and (c) cross-organisational integrity verification. Cryptographic integrity anchoring is discussed as a complementary mechanism for tamper-evident verification of off-chain consent artifacts and lifecycle events, without externalizing consent semantics or personal data.
Phuyal et al. (Fri,) studied this question.
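
The integrity anchoring idea in the abstract can be sketched as a hash chain over consent lifecycle events in which only digests are shared. This is an added example, not code from the paper; the entry layout, the `GENESIS` marker, the JSON canonicalisation and the minimal Consent fields are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed marker for the start of the chain

def canonical(obj) -> bytes:
    # Deterministic JSON (sorted keys, no whitespace): a simple stand-in
    # for a full canonicalisation scheme, assumed for this example.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def anchor_entry(prev: str, event: str, consent: dict) -> dict:
    # Only digests leave the organisation; the Consent resource stays off-chain.
    body = {"prev": prev, "event": event,
            "consent_digest": sha256_hex(canonical(consent))}
    return {**body, "entry_digest": sha256_hex(canonical(body))}

def build_chain(lifecycle) -> list:
    # Each entry commits to the previous one, so history cannot be reordered.
    chain, prev = [], GENESIS
    for event, consent in lifecycle:
        entry = anchor_entry(prev, event, consent)
        chain.append(entry)
        prev = entry["entry_digest"]
    return chain

def first_mismatch(chain, lifecycle) -> int:
    # Recompute every link from the locally held records.
    # Returns the index of the first entry that fails, or -1 if all verify.
    if len(chain) != len(lifecycle):
        return min(len(chain), len(lifecycle))  # a record was dropped or added
    prev = GENESIS
    for i, (entry, (event, consent)) in enumerate(zip(chain, lifecycle)):
        if entry != anchor_entry(prev, event, consent):
            return i
        prev = entry["entry_digest"]
    return -1

# Constructed sample: three versions of one minimal Consent resource.
def _consent(version: str, status: str) -> dict:
    return {"resourceType": "Consent", "id": "example-consent",
            "meta": {"versionId": version}, "status": status}

LIFECYCLE = [("create", _consent("1", "active")),
             ("amend", _consent("2", "active")),
             ("revoke", _consent("3", "inactive"))]
```

A plain hash of a small, predictable resource can be confirmed by guessing its contents, so a deployment that must keep digests unlinkable would typically use a salted or keyed digest instead.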