Onboarding & Workspace Cryptography Setup
How do clinicians onboard and set up their clinical workspace?
Onboarding a new clinic or trial site is the first step to establishing a secure environment for capturing patient consent. Because ConsentCollect uses a zero-knowledge security model, all patient data and consent documents are encrypted directly in the browser. The setup wizard is structured in six simple steps to get your clinical team up and running.
What is the step-by-step clinician onboarding process?
The onboarding wizard guides you through these six distinct configuration phases:
What is Step 1: Legal & Compliance Agreement?
You must review and accept ConsentCollect’s standard Terms & Conditions and Privacy Policy to proceed.
- Standard Plans: Access requires agreeing to the core policies.
- Enterprise Plans: If your hospital or research institution is on an Enterprise Tier, you will proceed through a custom onboarding flow that includes executing your custom Business Associate Agreement (BAA) for full institutional HIPAA compliance.
What is Step 2: Professional Identity?
Enter your professional clinical credentials to configure your signing profile:
- Enter your full name and official clinical title.
- Declare your medical specialty (e.g., Cardiology, General Surgery, Pediatric Research).
What is Step 3: Organization Details?
Configure the identity of your clinic, healthcare system, or trial site:
- Enter your official Organization Name.
- Provide the organization’s website, contact email, and clinic physical address.
- Upload your institutional logo (which will be rendered in the header of all digital consent documents sent to patients).
What is Step 4: Clinical Team Setup (Seat Allocation)?
Invite coordinators, physicians, nurses, and auditors to join your workspace:
- Enter your staff members’ emails.
- Assign their workspace permission level (e.g., Editor to build forms, or Auditor to review signing logs).
- (Note: This step is optional and can be skipped during the initial setup).
What is Step 5: Cryptographic Passkey & Mnemonic Security?
Establish the local encryption keys that secure your patient data:
- Save Your Recovery Phrase: You will be shown a unique four-word recovery phrase. Write this phrase down and store it in a secure physical location (such as a clinic vault). Support staff cannot recover this phrase if lost.
- Biometric Passkey Registration: Register your device’s biometric sensor (Face ID, Touch ID, or Windows Hello PIN). This binds your account to your device so you can unlock your records securely in one touch without typing your passphrase.
What is Step 6: Contact & Support Activation?
Confirm your primary clinical contact number and emergency communications preferences to complete the onboarding wizard and launch your clinical dashboard.
Why is the four-word recovery phrase critical?
The four-word recovery phrase acts as the master key to your clinical workspace.
- Zero-Knowledge Privacy: ConsentCollect support staff cannot read your forms, reset your password, or recover your clinical records.
- Decryption Key: If you log in from a new computer, your browser must pull the encrypted database from the cloud. The four-word recovery phrase is used by your browser to decrypt your templates and clinical data.
- Emergency Recovery: Write this phrase down and store it in a secure physical location (such as a clinic safe). If you lose this phrase, all patient records and consent history in your workspace will become permanently unreadable.
How does biometric unlock simplify access?
Entering a recovery phrase every time you log in is inefficient. ConsentCollect allows you to bind your credentials to your physical device:
- One-Touch Access: Once enabled, you can use facial recognition or fingerprint scans to unlock your workspace.
- Security Boundary: The biometric scan unlocks the local encryption keys stored in your browser’s secure sandbox.
- Device Binding: Biometric keys are tied to the specific tablet, computer, or phone you used during setup. If you access the system from a new device, you will need your recovery phrase to perform the initial unlock.
How do you invite clinical team members to a workspace?
In a clinical trial or busy hospital department, multiple coordinators, physicians, and nurses need access to the same patient forms. You can invite team members to collaborate securely:
- Send the Invitation: Enter the team member’s name, email, and role (such as Editor or Auditor) in the Staff Directory.
- SSO Authentication: The invitee registers using their hospital SSO or secure credentials.
- Secure Workspace Handshake: When the invitee logs in for the first time, your browser automatically encrypts a copy of the clinic’s Workspace Key using their public credentials and uploads it.
- Shared Access: The team member can now decrypt clinical records using their own credentials, enabling seamless collaboration without sharing passwords.