HIPAA and Healthy Roster

Updated by Niki Budd

HIPAA and Healthy Roster - Legacy

HIPAA stands for Health Insurance Portability and Accountability Act. HIPAA requires health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of all protected health information (PHI). 

Healthy Roster is software designed to connect parents, coaches, athletes, and patients with their organization’s Providers. Because Healthy Roster values the privacy of its consumers, our software is strictly HIPAA compliant while allowing for the communication and transferring of protected health information only between persons that the parent or adult athlete has allowed permissions. 

What this means is that only the Provider user, the adult athlete / patient or the parent will see protected health information unless permission has been granted through Healthy Roster to a coach or administrator to also see that PHI.

To see who has access to your athlete’s / patients PHI see step by step below:

Please Note: Terminology is different based on your setting, for example, a clinical setting uses Care Group as Organizations, Patient instead of Athlete, and Visits instead of Treatment, lastly Problems instead of Injuries, but the steps are still the same.

Step-By-Step Tutorial
  1. Log in to your Healthy Roster account and go to your athlete’s profile via the ‘Athletes’ tab. 
  2. Select the athlete you would like to view permissions for and click the ‘Permissions’ tab.
  3. From here you are able to edit, remove, or add users to your athlete’s Care Circle.

The only people you cannot remove from a Care Circle are the Health Care Providers / Athletic Trainers who rely on Healthy Roster for documentation.

One more thing to note, if a new user such as a coach is added to your athlete’s Care Circle after you have already accepted permissions for the existing members of the Care Circle when you set up your account, you will be prompted to allow or deny permissions for those additions. They will not automatically be allowed to view the PHI in your athlete’s account.

HIPAA and Healthy Roster - 2.0

HIPAA stands for Health Insurance Portability and Accountability Act. HIPAA requires health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of all protected health information (PHI). 

Healthy Roster is software designed to connect parents, coaches, athletes, and patients with their organization’s Providers. Because Healthy Roster values the privacy of its consumers, our software is strictly HIPAA compliant while allowing for the communication and transferring of protected health information only between persons that the parent or adult athlete has allowed permissions. 

What this means is that only the Provider user, the adult athlete / patient or the parent will see protected health information unless permission has been granted through Healthy Roster to a coach or administrator to also see that PHI.

To see who has access to your athlete’s / patients PHI see step by step below:

Please Note: Terminology is different based on your setting, for example, a clinical setting uses Care Group as Organizations, Patient instead of Athlete, and Visits instead of Treatment, lastly Problems instead of Injuries, but the steps are still the same.

Step-By-Step Tutorial
  1. Navigate to the patient profile
  2. Click Manage Users
  3. You will now see who has Direct Access, Inherited Access, as well as Pending Invitations or be able to add users and edit accordingly
    • Direct Access: Those that have direct access to the patient profile (Typically the Patient/Parent/Primary User, Organizational User, Team User)
    • Inherited Access: Users with the highest level of access, their access cannot be changed (Assigned Providers and Admin)
    • Invitations: Invitations that have been sent but not accepted

One more thing to note, if a new user such as a coach is added to your patient's Care Circle after you have already accepted permissions for the existing members of the Care Circle when you set up your account, you will be prompted to allow or deny permissions for those additions. They will not automatically be allowed to view the PHI in your patient's account.

How did we do?

Powered by HelpDocs (opens in a new tab)