New Generation Access Control (NGAC)because of its neutrality by designrepresents the most effective and scalable approach for deploying smart access control and consent solutions in large dynamic scenarios. NGAC however presents with its own problems: (1) it has miniscule recognition and uptake in the workplace, (2) it is unusable by non-technical policy officers and (3) its documentation and wider infosphere are very early-stage. XpressRules-PM is a natural language-based NGAC toolkit for (1) equipping non-technical stakeholdersin their own wordsto deploy privacy and consent policies, (2) enabling an organization to configure the product to fit their environment instantly, repeatedly and without IT assistance, (3) exposing its policy store to logicchecking and analytics, and (4) applying NGACs Decision Algorithm to perform real-time dispute resolution in an IoT information blockchain. For healthcare XpressRules-PM facilitates a longitudinal patient consent to accompany a longitudinal patient health record through its migration. NGAC retains the rich semantics of relationships between entities. The NGAC family of standards expresses this semantics ly with a directed acyclic graph (DAG). Therefore the most appropriate implementation of NGAC is graph-based, running on a NoSQL platform. Phase II specifies Neo4j initially, but its design will support any NoSQL database product.