Streamlining secure player access within the Athlete RMS NHL platform.
Internal dashboard for ops and security staff to manage player access to medical records. Replaced manual invites with a self-serve system for sending access, tracking status, and controlling permissions.
Athlete RMS is the world’s first league-wide records management system that collects, analyses and visualizes athletes’ data. ARMS Health is NHL’s internal medical software that serves medical data and tracks performance.
2024
Sector:
Sector:
Enterprise, Healthcare B2B SaaS
Enterprise, Healthcare B2B SaaS
Team:
Team:
PM, Designer, Engineering Lead, QA Engineer, 2 Developers
PM, Designer, Engineering Lead, QA Engineer, 2 Developers
Client:
Client:
NHL, National Hockey League
NHL, National Hockey League
My Role:
My Role:
Product Designer
Product Designer
Timeline:
Timeline:
4 months
4 months
User Groups:
User Groups:
Team Operations Staff, Security Managers, Internal Medical Teams
Team Operations Staff, Security Managers, Internal Medical Teams
Impact:
97%
Invite Activation Rate
Invite Activation Rate
88%
Dashboard Adoption
Dashboard Adoption
80%
Drop in manual follow-up
Drop in manual follow-up
This is the final prototype!
This is the final prototype!
and see how this feature improved access visibility and onboarding success for NHL.
and see how this feature improved access visibility and onboarding success for NHL.
Research: Framing Access Pain Points in a Healthcare Environment.
Research: Framing Access Pain Points in a Healthcare Environment.
Each NHL season, player access to medical systems was managed manually — invites sent over email, onboarding tracked in spreadsheets, and no visibility into who had access.
To redesign the experience, we spoke with team ops, medical staff, and security to uncover where the process broke down — from onboarding delays to data access risks and lack of auditability.
This helped define the core question:
Each NHL season, player access to medical systems was managed manually — invites sent over email, onboarding tracked in spreadsheets, and no visibility into who had access.
To redesign the experience, we spoke with team ops, medical staff, and security to uncover where the process broke down — from onboarding delays to data access risks and lack of auditability.
This helped define the core question:
"How might we give teams control over secure access to player medical records — without introducing friction or risk?"
"How might we give teams control over secure access to player medical records — without introducing friction or risk?"
Research Focus Areas.
Research Focus Areas.
Stakeholder Interviews
Stakeholder Interviews
Uncovered responsibilities, workflows, and risks tied to medical data access across ops, security, and compliance teams.
Task-Based JTBD Interviews
Task-Based JTBD Interviews
Identified what “successful access” meant for managers: confidence, visibility, and speed.
Wireframe Testing
Wireframe Testing
Two authentication flows were tested with internal staff to surface trust blockers, edge cases, and mental models.
Access Logic Mapping
Access Logic Mapping
Defined edge cases like expired invites, re-sends, and inactive players to ensure coverage of real-world complexity.
Insights that drove the solution.
Insights that drove the solution.
No signup visibility
No signup visibility
Managers couldn’t tell who completed onboarding.
Managers couldn’t tell who completed onboarding.
Bulk actions were painful
Bulk actions were painful
Row-by-row invites didn’t scale for entire rosters.
Row-by-row invites didn’t scale for entire rosters.
Security-critical invites
Security-critical invites
Each link needed to be one-time use and tamper-proof.
Each link needed to be one-time use and tamper-proof.
No audit trail
No audit trail
Teams lacked traceable logs for compliance needs.
Teams lacked traceable logs for compliance needs.
Solution #1: Tamper-Proof Player Flow.
Solution #1: Tamper-Proof Player Flow.
We implemented a one-time invite and authentication flow tailored for players, ensuring secure, identity-linked access to medical records. Players enter via a verified code — no passwords, no risk of unauthorized entry.
We implemented a one-time invite and authentication flow tailored for players, ensuring secure, identity-linked access to medical records. Players enter via a verified code — no passwords, no risk of unauthorized entry.
Solution #2: Access Manager Dashboard.
Solution #2: Access Manager Dashboard.
A new internal tool for ops and security teams to assign access, track invite status, and control lifecycle permissions — all from a centralized dashboard.
A new internal tool for ops and security teams to assign access, track invite status, and control lifecycle permissions — all from a centralized dashboard.
Solution #3: Bulk Invite & Lifecycle Actions.
Solution #3: Bulk Invite & Lifecycle Actions.
The dashboard supports multi-player actions like “Grant Access,” “Expire,” and “Re-invite” — built to handle full team rosters in seconds, with individual overrides when needed.
The dashboard supports multi-player actions like “Grant Access,” “Expire,” and “Re-invite” — built to handle full team rosters in seconds, with individual overrides when needed.
Solution #5: Built-in Audit Logging.
Solution #5: Built-in Audit Logging.
Each access record is tracked and time-stamped, giving teams visibility into who sent invites, who completed registration, and when access was granted or revoked.
Each access record is tracked and time-stamped, giving teams visibility into who sent invites, who completed registration, and when access was granted or revoked.
Execution: Cross-functional partnership.
Execution: Cross-functional partnership.
This feature was developed in close partnership with engineering, compliance, and NHL operations teams. We tested edge cases like expired links, duplicate invites, and incomplete signups to ensure the system handled real-world complexity.
I provided detailed Figma specs and logic rules to support dev handoff, while QA and the dev team pressure-tested the dashboard through UAT ahead of deployment.
This feature was developed in close partnership with engineering, compliance, and NHL operations teams. We tested edge cases like expired links, duplicate invites, and incomplete signups to ensure the system handled real-world complexity.
I provided detailed Figma specs and logic rules to support dev handoff, while QA and the dev team pressure-tested the dashboard through UAT ahead of deployment.
Impact: Driving feature adoption and satisfaction.
Impact: Driving feature adoption and satisfaction.
With help from Analytics and Ops, we tracked adoption and activation metrics—confirming a smooth rollout and strong user uptake.
With help from Analytics and Ops, we tracked adoption and activation metrics—confirming a smooth rollout and strong user uptake.
97%
Invite Activation Rate
Invite Activation Rate
The majority of players completed signup without support, confirming the clarity and trustworthiness of the new onboarding flow.
The majority of players completed signup without support, confirming the clarity and trustworthiness of the new onboarding flow.
88%
Adoption within 2 weeks
Adoption within 2 weeks
Ops teams across the league adopted the dashboard quickly, using it to manage player access at scale.
Ops teams across the league adopted the dashboard quickly, using it to manage player access at scale.
80%
Fewer manual follow-ups
Fewer manual follow-ups
By replacing manual outreach with real-time status visibility, teams significantly reduced support overhead.
By replacing manual outreach with real-time status visibility, teams significantly reduced support overhead.
Drop Me a line at:
Visit my page:
Drop Me a line at:
Visit my page:
Drop Me a line at:
Visit my page:
Drop Me a line at:
Visit my page: