Purpose Statement

The Reports Module Data Set Permissions feature allows administrators to control which user roles can access specific data sources within the reporting system. This granular permission system ensures sensitive information remains secure while enabling appropriate personnel to access the data they need for their roles. By configuring these permissions, departments can maintain compliance with regulations like HIPAA for EMS patient data while allowing broader access to operational reports.

Background Information

Data set permissions provide essential security controls for Fire/EMS departments that handle sensitive information including employee records, patient data, and confidential operational details. This feature is particularly important for maintaining HIPAA compliance when dealing with EMS patient information and protecting personnel data from unauthorized access. Common applications include restricting employee information fields to administrative roles only and limiting EMS patient data access to personnel with proper HIPAA training and authorization.

Required Permissions

To manage data set permissions in the Reports Module, users must have:

• Administrator role permissions
• Reports Module access
• User management permissions
• Data security configuration access

Video

Step-by-Step Guide

1. Navigate to the Reports Module.

2. Click on Setup.

3. Click on Data Set Permissions. 

4. Navigate through the data source list to find the specific data set you want to modify permissions for. Common targets include employee information fields, EMS patient data, or other sensitive operational data.

5. Click the X in the Actions Column to remove a permission.

6. Click the checkmark to give access to a Role.

7. Select the checkbox next to each item and then select Grant Permission or Remove Permission to make bulk changes.

8. When complete you can exit Setup.

Best Practices

Security Considerations:

• Regularly audit data set permissions to ensure only authorized personnel have access to sensitive information
• Document permission changes for compliance and audit purposes
• Implement the principle of least privilege - grant only the minimum access necessary for each role

HIPAA Compliance:

• Restrict EMS patient data access exclusively to roles with current HIPAA training
• Maintain detailed logs of who has access to protected health information
• Review and update permissions when personnel change roles or complete additional training

Employee Data Protection:

• Limit employee information access to administrative roles and direct supervisors
• Consider separating payroll and HR data from operational employee information
• Regularly review which roles need access to personnel records

Troubleshooting & FAQs

Q: I don't see the Data Set Permissions option in Setup. What should I do? A: This feature may not be available for your user role. Contact your system administrator to verify you have the necessary permissions to manage data set permissions.

Q: Can I grant temporary access to a data source? A: The system manages permanent role-based permissions. For temporary access, consider temporarily assigning the user to an appropriate role, then removing them after the task is complete.

Q: How do I know which roles should have access to specific data sets? A: Consult your department's data governance policies, HIPAA compliance requirements, and role-specific job descriptions to determine appropriate access levels.

Q: Can I see a history of permission changes? A: Check with your system administrator about audit log availability for permission modifications.