We have developed an ontology-based model of subject's permissions and organization's obligations resulting from the informed consent process. For the initial evaluation of the ontology we modeled the research plan of an informed consent document currently used by the UCSD Moores Cancer Center (MCC) for collecting and banking biospecimens for use in cancer research. We have also populated the ontology with de-identified clinical data and sample data from patients who consented to participate in the study. Furthermore, we provided reasoning mechanisms to support requests from real uses cases involving researchers approaching MCC requesting access to use collected clinical data and biospecimens. We supported those requests by identifying resources available for reuse, while checking conformance with preexisting subject's permissions. Based on the lessons learned from this study we propose a scalable framework for specifying subject's permission and checking researcher's resource requests in compliance with given permissions. The proposed framework is an extension of an existing general-purpose policy engine based on XACML (eXtensible Access Control Markup Language), incorporating ontology-based reasoning. Given the lack of standards for sharing, integrating and checking compliance with subject's consents our research could have an important future practical impact.