Understanding Confidentiality in Medical Records
Certain medical records are intrinsically confidential. This is particularly true for health assessments that are governed by specific state or federal regulations. For instance, the Queensland Coal Mine Workers' Health Assessments and Rail Health Assessments have stringent standards. These regulatory frameworks ensure that access to certain health assessments and related medical records is appropriately controlled to protect individual privacy and comply with legal standards.
The Role of Carelever in Managing Access
KINNECT’s Carelever platform is designed to address these complexities adeptly. It allows varying levels of document access tailored to specific needs, which is especially significant in environments where multiple stakeholders are involved. The settings and systems in Carelever have been certified as meeting the management systems, standards and guidelines for ISO 27001:2022 INFORMATION SECURITY MANAGEMENT SYSTEMS.
Here's how it works:
1. Different Access Permissions: Carelever enables clients to assign different access permissions to their organisation’s users. This feature is critical in maintaining the delicate balance between necessary access and confidentiality.
2. Standard vs Restricted Access: Standard access permission typically allows full visibility of all medical records within Carelever. However, there's also a provision for restricted access. This level permits users to view the overall outcome of a health assessment but not the confidential medical records associated with that assessment.
3. Controlled Accessibility: Restricted access is particularly useful in scenarios where only certain approved stakeholders should have access to detailed employee health records and information. This ensures that sensitive information is only available to those who genuinely need it for relevant purposes.
Managing User Permission Levels
User permission levels in Carelever can be accessed and managed within the settings section of your account. However, it’s important to note that only users at the Company Administrator level have the privilege to edit user permissions. This hierarchical control further reinforces the security framework of the system.
Guidance for Non-Administrators
If an individual is not a company administrator and requires changes to user permissions or access to certain information, they are advised to communicate with their company administrator. Additionally, KINNECT provides support to identify and contact the relevant administrator or to learn more about managing user permissions and security within Carelever.