Glossary

ACO

Accountable Care Organization - an organization of health care providers that agrees to be accountable for the quality, cost, and overall care of Medicare beneficiaries who are enrolled in the traditional fee-for-service program who are assigned to it.

ARRA

ARRA — American Recovery and Reinvestment Act of 2009, also known as the 'economic stimulus package'. It includes a bill called HITECH, which provides incentives to providers and hospitals to adopt Health Information Technology.

authenticate

To verify an identity prior to granting access or asserting trust

CCD

Continuity of Care Document

CCR

Continuity of care record — Health Information Management and Systems Society sponsored standard

CDR

Clinical Data Repository — Digital vault for gathering medical records

CVIS

Cardiovascular imaging system: Repository for cardiac images

certificate of authority

Issues digital certificates in a public key infrastructure environment

cookies

Browser Specific: A piece of data that a web server writes to a browser about interactions with the web site that can be read later by the browser

CMS

Center for Medicaid and Medicare Services

Concierge Care

Elite physician care which includes fee-based cost recovery for extended consulting, in-home visits, and other considerations for the higher demands of a discriminating client.

direct address

Used to identify an endpoint (a sender or receiver) when information is exchanged. The 'direct address' has two parts: a Health End point Name and a Health Domain Name. The Direct Address is also sometimes referred to as a 'Health Internet Address'

direct message

The content of the information being transferred from the sender to the receiver. The 'direct message' is similar to a package that is sent from one person to another via the postal service, such as the content within and envelope or box.

DNS

Domain Name System, an internet system to translate human-readable names into internet addresses.

DURSA

Data Use and Reciprocal Support Agreement, a comprehensive agreement that governs the exchange of health data between participants in the NHIN Exchange

EHR

Electronic Health Record, a computerized system for recording, storing, producing, and using electronic patient medical and health information.

enterprise

Business entity which spans several organizational groups

EMR

Electronic Medical Record

e-visit

Electronic visit by a patient to his or her healthcare provider. They are perfect for patients who live far away from their clinics, have children, or who don't want to spend travel time to a doctor when they need a quick answer or diagnosis for a minor symptom.

ePHI

Electronically stored protected health information. Any information about health status, provision of health care, or payment for health care that can be linked to a specific individual and stored it this file.

FBC – Fee-based consultation

Pricing associated with phone or (online) e-visit discussions between a physician and a patient

FTC – Privacy by Design

The FTC recommends to businesses that they adopt a ‘privacy by design’ approach by building privacy protections into their everyday business practices, including reasonable security for consumer data, limited collection and retention of such data, and reasonable procedures to promote data accuracy.

hacking

The process of penetrating a web site for purpose of identity theft, malicious take over, or personal amusement. The result is that service and data may be taken or damaged.

health domain name

The delivery location for messages to an individual Direct HISP, the HISP portion of a Direct Project Address

health end point

The delivery location for messages to an individual Direct user, the user portion of a Direct Project Address

HL7 - Health Level 7

An international standards organization that develops and publishes voluntary consensus technical standards.

HIE

Healthcare Information Exchange: defined as the mobilization of healthcare information electronically across organizations within a region, community or hospital system

HIO

Health Information Organization, an organization that holds patient information and/or provides services to allow members of the organization to exchange health information.

HIPAA

Health Insurance Portability and Accountability Act: Enacted by the US Congress in 1996, this act establishes national standards for electronic healthcare transactions and national identifiers for providers, health insurance plans, and employers.

HISP

Health Information Service Provider, the entity that is responsible for delivering health information as messages between senders and receivers over the internet.

HITECH

Health Information Technology for Economic and Clinical Health Act, a bill that, as part of the American Recovery and Reinvestment Act of 2009, aims to advance the use of health information technology such as electronic health records.

HITPC

Healthcare IT Policy Committee, a federal advisory committee charged with making recommendations to the National Coordinator for Health IT surrounding standards, implementation specifications, and certifications criteria in order to shape a nationwide infrastructure for the adoption of healthcare information technology and the exchange of meaningful patient medical information.

HITSC

Healthcare IT Standards Committee, a federal advisory committee charged with providing standards guidance and testing infrastructure to support the recommendations of the HIT Policy Committee.

idn

Integrated delivery network, a network of healthcare organizations organized under a parent holding company that provides a continuum of healthcare services.

ihe

Integrating the healthcare enterprise, a group of healthcare industry stakeholders that promotes and defines coordination of established standards to provide meaningful and effective information exchange.

mdGC

HIPAA secure group collaboration tool. It offers an easy and private discussion group function, capable of supporting clinical research group projects, care coordination, or collaborative efforts

meaningful use

The goal of meaningful use of an Electronic Health Record is to enable significant and measurable improvements in population health. The ultimate vision is one in which all patients are fully engaged in their healthcare, providers have real-time access to all medical information and tools to help ensure the quality and safety of the care provided, while also affording improved access and elimination of health care disparities.

medical tourism

Combining major operative or long recovery procedures with a less expensive cost of care, and a “resort” style environment. Shifts patients from their local hospital to one located in a less expensive part of the country or of the world.

MIME

Multipurpose Internet Mail Extensions, an internet standard that extends email to support content beyond simple ASCII plaintext data.

NHIN

The Nationwide Health Information Network, a set of standards, services and policies that enable secure health information exchange over the Internet.

NHIN Connect

Open source software that embodies the standards and services to support NHIN specifications.

NHIN Direct Project

The NIHN Direct Project develops specifications for a secure, scalable, standards-based way to establish universal health addressing and transport for participants (including providers, laboratories, hospitals, pharmacies and patients) to send encrypted health information directly to known, trusted recipients over the Internet.

NHIN Exchange

A diverse set of federal agencies and non-federal organizations that have come together to securely exchange electronic health information using the NHIN specifications.

NHIN Specifications

Specifications of the core NHIN services and standards enabling such functions as locating patients at other participation healthcare organization. These specifications must be used by NHIN Exchange participants and may be used by others.

NHIN Workgroup

Part of the Federal Health IT Policy Committee

ONC

The Office of the National Coordinator for Health Information Technology in the Department of Health and Human Services, the principal Federal entity charged width coordinating nationwide efforts to promote the use of health information technology

PACS

Photo and Communication System

patient portal

Healthcare-related online applications that allow patients to interact and communicate with their healthcare providers, such as physicians and hospitals, over the internet.

PHR

Personal health record: an electronic health record managed by a patient. It might be owned by a healthcare organization, care provider, or insurance company or it may simply serve as patient-owned space for storing and editing personal medication information.

CHIT - Patient Centered Health Info Tech

Wellness care. Pools collective knowledge of specialists with the goal of promoting wellness, as opposed to episodic illness and injury care

PCMH

Patient-centered medical homecare: Collaborated healthcare. Members include all doctors / consultants, nurses, and other professional staff who oversee a given patient’s care.

PKI-technology

Public Key Infrastructure: Used in connection with digital signatures and authentication certificates, this technology ensures a secure connection over the internet.

push technology

A style of Internet-based communication, e.g. Email, where the request for a given transaction is initiated by the publisher or central server.

REC

Regional Extension Center: Electronic storage site for clinical data

receiver

Actor in the Direct work flow who receives the message content. A 'receiver' may be a person or a larger business entity.

reference implementation

Open-source software that implements the Direct Project specifications. There may be multiple reference implementations using different technologies (e.g. .NET, Java), and a reference implementation is not normative as the specifications are.

ROI

Return On Investment - A performance measure used to evaluate the efficiency of an investment or to compare the efficiency of a number of different investments.

route

To transport a Direct Message from Sender to the Receiver(s) identified by the Direct address(es).

secure transport layer

A set of cryptographic protocols that provide communications security over the Internet

sender

Actor in the Direct work flow who originates the message content. A 'sender' may be a person or a larger business entity.

S/MIME

Secure/Multipurpose Internet Mail Extensions, an internet standard for securing MIME data. S/MIME provides privacy and data security through encryption; and authentication, integrity assurance, and non-repudiation of origin through signing.

SMTP

Simple Mail Transport Protocol, an industry standard for transporting email.

SSL

A protocol that allows client/server applications to communicate across a network in a way designed to prevent eavesdropping and tampering.

SSL certificate

When a client requests a secure connection to a file server, that server sends back a security (SSL) certificate that informs the client of its security level and how to connect. The client confirms that the certificate is valid and establishes a secure connection.

scraping

Data scraping is a technique in which a computer program extracts data from human-readable output which might include email addresses, or other personal information available either written in a web page or on a computer screen. Availability is becoming more easy as software programs learn how to crawl into every partially open database that is exposed.

sniffing

Tracking information that moves across the internet for purposes of identity theft and marketing demographics. Messages and information which moves unprotected across the internet or airwaves can be captured by innovative snoops.

transport layer

Part of the internet or simply network technology which describes how data is moved from point A to point B.

Web 1.0

The first generation of web standards, prior to 1996, included one-way communication, anonymous logins to remote computers, static web pages, and unecrypted email. This baseline standard suffers from privacy controls, due to the limited features for protecting data. The original concept was to distribute data, rather than to protect it.

Web 2.0

The new design standards allow for two-way transmission of information between two entities, and provide for secure transmission. Another application of Web 2.0 standards allow for the Social Web such as Facebook and Twitter to exist.

XDM

The IHE cross-enterprise document media interchange integration profile. This is a profile for the exchange of health information on portable media. XDM provides an option for zipped file transfer over email, which is most relevant in the Direct Project specifications.

X.509 Digital Certificates

A standard for asserting that an entity is who it purports to be. The standard is strictly hierarchical, where a trusted entity asserts the identities of a set of child entities, which can make further assertions, ad infinitum.