This document describes how recent HL7v3 standards can be used to capture organizational security policies and patient consent, and shows how to transform these into access control implemented on the database, for access to the data for healthcare research. This document also contains a description of the synthetic Patient Consent forms that are generated in the Portavita Benchmark.