- Yes - The individual expressly consented to the release of the attribute’s value for the purposes of the transaction.
- No - The individual has not expressly consented to the release of the attribute’s value.
- Unknown - It is not known by the provider whether or not the individual has expressly consented to release of the attribute.
For example, the attribute value might purely be useful in authorization, determining a user's eligibility for services; alternatively, values might be eligible for use beyond the initially intended purpose, or not eligible for any further disclosure. Additionally, organizational Entity or Trust Frameworks might also create their own categories of acceptable uses based on their policies.
Recommended values for this element include:
- Authorization - The value can be used to determine user eligibility for services or privileges and can be used to provide those services.
- Secondary Use - The value may be used for purposes beyond that for which they were initially divulged. Additional use requires separate, explicit consent from user at initiation.
- No Further Disclosure - The attribute value should not be passed on to other parties for any purpose unless required by law.