Managing your account

Updated

Changing your password

If you're a client

  1. Visit headway.co
  2. Click Log in, then Forgot your password
  3. Enter the email associated with your Headway account

As a note, the password reset email may have been filtered to spam/junk or promotions inbox folder.

If you are unable to locate the email, or are not sure what email address you used for your Headway account, reach out to us via our contact form and we'll help.

If you have tried resetting your password and still can't log into your account, there are a few things to consider:

  • New users will need to verify their account via email
  • If you are logged in, you will see your initials in the top-right corner

Still having trouble? Send us a note through our contact form and someone from our support team can investigate. 

 

If you're a provider

  1. Visit sigmund.headway.co
  2. Enter the email associated with your Headway account
  3. Click Forgot your password

Once you request a password reset, you'll receive an email with the subject line "Please Verify Your Headway Account" which will take you through the password reset flow. 

The email may have gone to your junk/spam folder. If you are using a Gmail account, please also check your promotions folder.

If you have previously unsubscribed from any Headway email, you have unsubscribed from all Headway emails and we'll need to remove you from the unsubscribed list – reach out to us if this is the case. 

 

Keeping your account secure

There are a few things you can do to keep your Headway account secure: 

  • Create a strong password (and never share it with anyone!)
  • Set up two-factor authentication (2FA) for your Headway account
  • Create a strong password for the email address associated with your Headway account
  • Set up 2FA for the email address associated with your Headway account

What to keep in mind when creating a password

It's always a good idea to create strong passwords that you'll remember, are hard to guess, and aren't shared with others. Creating a strong password is essential for protecting your accounts and personal information, especially for your Headway and email accounts, which may contain sensitive information. 

Best practices for password creation:

  • Create a memorable but complex password

  • Make your password long, aiming for somewhere around 12-16 characters

  • Don’t use easily guessable words or information like “password,” “123456,” your name, your pet’s name, or common words/phrases

  • Avoid reusing your passwords

  • Consider using a password manager – they can generate and store complex passwords for you, so you don’t have to remember each one

  • To add an extra layer of security, enable 2FA whenever possible

  • Change your password if you believe it has been compromised

  • Keep your passwords private and never share them via email, text, or other unsecured methods

  • Always be cautious of emails or messages asking for your passwords, and verify the source before providing any information
     

Two-factor authentication (2FA)

If you're a provider

Headway is committed to being your partner in growing your practice with zero stress. As part of that, we believe protecting information about your practice and patients is paramount.

With our new Two-Factor Authentication feature, we're giving you an extra layer of security to safeguard your account and the valuable data it holds.

You'll be prompted to set up 2FA upon logging in. From there, you'll need to enter a phone number to which we'll send a code (via voice or text). 

Resetting your 2FA method

  1. Visit the Account page on headway.co
  2. Scroll to the Login section
  3. Click Reset multi factor authentication
  4. Enter your current password

Once you follow those steps, you’ll be logged out of Headway, and prompted to login and complete the 2FA setup process again. Then, you’ll be able to enter a new phone number to receive 2FA codes.

 

Setting up 2FA for email

To receive 2FA codes via email: 

  1. Ensure that you've already set up 2FA with your phone number 
  2. Log out of your account 
  3. Log in as you typically would
  4. When you reach the 2FA screen, click Try another method under Continue

Resetting 2FA

To reset your 2FA methods:

  1. Visit the Account page on headway.co
  2. Scroll to the Login section
  3. Click Reset multi factor authentication
  4. Enter your current password
  5. You'll be logged out of Headway, and prompted to login
  6. Login and complete the 2FA setup process again
  7. Enter a new phone number to receive 2FA codes

Frequently asked questions

Are other methods of 2FA supported? Like Google Authenticator or Authy?

At this time, we don’t have plans to allow / support other methods of Two-Factor Authentication (2FA), such as authenticator apps or biometric scanning. We made this decision in order to keep things simple for all of our providers.

We'll be sure to let you know if we choose to add additional options for 2FA in the future.

How do I change the phone number I originally set up for 2FA? 
How often do I have to enter a 2FA code? Do I have to do it every time I log in? 

If you do not check "Remember this device", you’ll need to enter a Two-Factor Authentication (2FA) code every time you log into the provider portal.

If you do check “Remember this device”, you’ll only need to enter a 2FA code every 30 days.

What if multiple people are using the same account? Can I set up multiple phone numbers?

At this time, we do not support multiple phone numbers being entered for Two-Factor Authentication (2FA). We do recommend setting up separate accounts for each person that will need to log in. This is the most secure way, and each individual will be able to receive authentication codes to their individual phone numbers or email addresses. 

If you do not choose to set up separate accounts, you'll need to set up 2FA for email to accommodate for multiple people using the same login. That way, the codes will go to the email used to log into Headway. 

Are there other ways besides phone to get the 2FA codes?

When you first set up Two-Factor Authentication (2FA), you’ll provide a phone number that we’ll send a code to when you log in. By default, we’ll always send the 2FA code to the phone number you originally provided.

However, once you’ve logged in at least once with 2FA, you’ll have the option to select Try another method. This option will allow you to receive your code at the email address you use to log into Headway.

 

If you're a client

We don't require two-factor authentication for clients. If this ever changes, we'll let you know. 

 

Leaving Headway

If you're a provider

Terminating your provider contract

If you are a provider and would like to terminate your contract with Headway, please complete this form and we'll be able to support you with this process.

We are always looking to learn from our providers and see what ways we can improve our services for both you and your clients. Our team appreciates any and all feedback!

Taking clients off of Headway if you leave

Clients you bring to Headway are yours — should you choose to leave the platform, you are welcome to take them with you. Our expectation is that clients who find you on Headway in their search for care (aka “Headway sourced”) will continue to be seen on Headway.

We expect this as these clients have chosen to use our platform, and we want to respect this choice, ensure they receive in-network care, and provide them with a smooth experience. Essentially, we are asking that you do not build a caseload via Headway referrals and then migrate that caseload off platform to protect the client experience.

Note: On your Headway calendar, clients who found you through our search’s initial intake appointments will be blue. Clients you’ve added yourself will have green initial intake appointments.

 

What happens to your progress notes after leaving Headway

We'll always refer clients back to their provider for any records requests, so we strongly suggest that you download any notes stored on Headway before terminating your account.

 If you forgot to download notes before leaving Headway, you can feel free to reach out to us. Select I can't access my account, and use the email address that was previously associated with your Headway account. From there, our support team will help you out. 

 

If you're a client

Deactivating your client account

If you'd like to deactivate your Headway account, contact us via contact form. Once you submit this request, a member of our Customer Experience team will reach out with next steps. 

Removal of client information

In order to comply with the rules of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Headway is a “covered entity” required by law to also meet specific retention requirements. This does not allow us to delete patient information from our system for a set period of time.

For more information on how the Headway platform is compliant with HIPAA and how we ensure patient information is fully encrypted, please refer to our article on "HIPAA compliance and PHI" and our privacy policy.

 

Using Headway for families

Every client on Headway needs their own account with a unique email address. When adding a family member (like a spouse or child), the Headway account name and the name listed on the insurance should reflect the name of the client seeking care (with corresponding date of birth), even if the client is a minor.

If you're creating an account for a family member who doesn't have an email address, you can add a "+1, +2, etc." or "+name" to the beginning of your own email address. This will make the email address unique, and all emails will still route to the primary email address.

See below for some examples that you can mimic when creating Headway accounts for yourself and your child(ren). 

This workaround will only work for Gmail, Hotmail, Outlook, or iCloud email accounts. Therefore, in some cases, a new (unique) email address may need to be created in order to continue.

Modifying your email with names Modifying your email with numbers
  • Parent's account: Jane Smith, jane.email@gmail.com (primary email)

  • First child's account: John Smith, jane.email+john@gmail.com
  • Second child's account: Jordan Smith, jane.email+jordan@gmail.com
  • Parent's account: Jane Smith, jane.email@gmail.com (primary email)
  • Child's account: John Smith, jane.email+1@gmail.com
  • Second child's account: Jordan Smith, jane.email+2@gmail.com

 

Articles in this section