Professional Documents
Culture Documents
Recommendations
On
Electronic Medical Records
Standards
In
India
Version 2.0
October 2012
Recommendations of EMR Standards
Committee, constituted by an order of
Ministry of Health & Family Welfare,
Government of India
TABLE OF CONTENTS
1.
2.
BACKGROUND .............................................................................................................................................. 7
3.
4.
5.
GOALS .......................................................................................................................................................................14
CATEGORIES FOR ADOPTION OF STANDARDS ......................................................................................................................15
Vocabulary Standards .................................................................................................................................................15
Content Exchange Standards ......................................................................................................................................16
Transport Standards ...................................................................................................................................................16
Privacy and Security Standards ..................................................................................................................................17
CLINICAL STANDARDS ...................................................................................................................................................19
RECOMMENDED HEALTHCARE IT STANDARDS (FOR INDIA)...................................................................................................19
HEALTHCARE INFORMATICS STANDARDS ...........................................................................................................................21
Issues
22
Trends
22
6.
7.
HARDWARE ................................................................................................................................................................27
CONNECTIVITY.............................................................................................................................................................27
SOFTWARE .................................................................................................................................................................27
8.
DATA OWNERSHIP OF EMR ............................................................................................................................28
TECHNICAL SECURITY GUIDELINES: ...................................................................................................................... 32
(I)
ELECTRONIC DATA STORAGE: ...............................................................................................................................32
(II ) ELECTRONIC DATA TRANSMISSION: ...........................................................................................................................32
(III) DATA ACCESS ........................................................................................................................................................32
(IV) DATA SHARING: .....................................................................................................................................................32
(V) DATA AUDIT: ........................................................................................................................................................33
(VI) GENERAL SOFTWARE / APPLICATION REQUIREMENTS:...................................................................................................33
ADMINISTRATIVE GUIDELINES: ............................................................................................................................ 33
CERTIFICATION PROCESS: ..............................................................................................................................................33
PHYSICAL SECURITY GUIDELINES: ........................................................................................................................ 34
10.
REFERENCES ............................................................................................................................................... 35
11.
ANNEXURES ................................................................................................................................................ 36
ANNEXURE I................................................................................................................................................................36
GO related to Sub-Groups Formation ..........................................................................................................................36
LIST OF TABLES
TABLE 1: WORLDWIDE HCIT PROGRAMS ..............................................................................................................................11
TABLE 2: COUNTRY-WISE HCIT STANDARDS USAGE ................................................................................................................11
TABLE 3: COUNTRY-WISE DATA EXCHANGE STANDARDS USAGE ................................................................................................12
TABLE 4: COUNTRY-WISE STANDARDS ADOPTION STATISTICS ....................................................................................................13
TABLE 5: PRIVACY & SECURITY STANDARDS ...........................................................................................................................18
TABLE 6: HCIT STANDARDS (RELEVANT TO INDIA- INITIAL SET) .................................................................................................21
TABLE 7: HEALTH INFORMATICS STANDARDS .........................................................................................................................22
TABLE 8: EMR MDS ........................................................................................................................................................26
1. EXECUTIVE
SUMMARY
Healthcare systems are highly complex, fragmented and use multiple information technology
systems. With vendors incorporating different standards for similar or same systems, it is little
wonder that all-round inefficiency, waste and errors in healthcare information and delivery
management are all too commonplace an occurrence. Consequently, a patients medical
information often gets trapped in silos of legacy systems, unable to be shared with members of
the healthcare community. These are some of the several motivations driving an effort to
encourage standardization, integration and electronic information exchange amongst the
various healthcare providers.
In order to be meaningful, health record of an individual needs to be from conception (better)
or birth (at the very least). As one progresses through ones life, every record of every clinical
encounter represents an event in ones life. Each of these records may be insignificant or
significant depending on the current problems that the person suffers from.
Developmental Origins of Health and Diseases (DOHAD) has successfully proven the importance
of developmental records of individuals in predicting and/or explaining the diseases that a
person is suffering from. In the current largely paper-based medical records world, invaluable
data is more often than not unavailable at the right time in the hands of the clinical care
providers to permit better care. This is largely due to the inefficiencies inherent to the paperbased system. In an electronic world, it is very much possible, provided certain important steps
are taken beforehand to ensure the availability of the right information at the right time.
Increasingly it is becoming extremely necessary to ensure that the right information in right
quantities is available for the right patient at the right time to ensure that the patient receives
right care the five Rs of information requirement.
Electronic health records are a summary of the various electronic medical records that get
generated during any clinical encounter. Without standards, a life-long summary is not possible
as different records from different sources spread across ~80+ years will potentially need to be
brought into one summary. To achieve this, a set of pre-defined standards for information
exchange that includes images, clinical codes and a minimum data set is imperative.
This report provides a structured overview of the key EMR standards with respect to Indian
conditions. Since the field of ICT standards in the health sector is very wide and difficult to
overview, it focuses primarily on the key standards only limited to hardware, software and
connectivity. The various definitions, understanding of the term electronic medical records,
world-wide trends, the recommended HCIT standards, high level requirements and minimum
data sets are provided.
A background on EMR and EHR and its use is provided, followed by a list of the various
stakeholders. A short study of the efforts world-wide including country-wise analysis of similar
efforts and their current state is also outlined. A detailed discussion on the interoperability and
standards that include a discussion on the goals, categories of adoption of standards, clinical
5
standards, EMR/EHR, preservation and security aspects, healthcare informatics standards, and
the various coding systems is carried out followed by the detailing of the minimum data set that
any Indian EMR must have.
While any vendor may choose to have any additionally relevant information captured and
presented, all must conform to the MDS. There are additional notes that are essentially for
industry and vendor guidance in designing and building an EMR. The conclusions include draft
recommendations and final observations. A short reference section and glossary is added for
everyones benefit.
It is important to note that the users of this document are advised to peruse and amalgamate,
as necessary, the various provisions detailed in the Recommendations on Guidelines, Standards
& Practices for Telemedicine in India as submitted by DIT, MCIT, Govt. of India to MoH&FW,
Govt. of India, in July 2007.2
In conclusion, it must be added that these standards cannot be considered either in isolation or
as etched in stone for all eternity. These will need to undergo periodic (at a maximum of 12
months interval) review and update as necessary. This document must be a living document.
2. BACKGROUND
Health Care sector in India has witnessed significant growth during the last few years, both in
quality and capacity. Relatively lower cost of health care, as compared to developed countries,
coupled with international quality, has positioned India as a major destination for health care
services. In spite of such developments, heath care facilities in the country remain inadequate
to meet the needs of the citizens, particularly in rural areas, where approximately 70% of the
people live.
To address these problems, the government has launched major national initiatives such as
National Rural Health Mission, establishment of six new AIIMS like institutions, up gradation of
existing public hospitals and labs, etc. Management of communicable as well as noncommunicable diseases has also been a major area of concern to the government. An
Integrated Disease Surveillance Program (IDSP) is already under implementation. The Noncommunicable Disease Risk Factor Surveillance under IDSP will track trends of selected major
risk factors in the urban and rural population, aged between 15 and 64 years. Innovative
systems are, however, required for quick reporting of such incidents when they occur and to
implement an effective system of intervention to provide the best diagnostic and medical care
to the affected patients and prevent further spread of the disease.
India also has a strong base for medical research. Extensive work is being done as a part of
postgraduate work in medical institutions, ICMR labs and other institutions. There is, however,
a strong need of sharing of knowledge and resources amongst the researchers and healthcare
providers.
In addition, private sector has initiated massive investments in various facets of healthcare. This
is expected to position health care as one of the largest service sectors and a significant
contributor to the GDP. As the health sector is poised for major growth in next decade, the
sheer size of healthcare sector in the country will necessitate extensive use of information and
communication technology (ICT) infrastructure, services and databases for policy planning and
implementation. Such a framework would require services based on inter-operable and
sharable technology, standards utilization, connecting various institutions and service
providers. The use of international experience, best practices and open technologies may be
necessary in some scenarios.
Technology is a critical tool in achieving the benefits of health information exchange (HIE).
However, technology alone is not sufficient. Healthcare industry stakeholders that base their
HIE solutions solely on technology do so at the expense of underlying health information
management principles. An abundance of disparate HIE principles, models, definitions,
products, and standards camouflages some crucial policy and process decisions an HIE initiative
must make in the early stages of its development. Transmitting patient data electronically
without attending to the business processes surrounding data capture, translation, and
transmission has the potential to increase patient risks and healthcare costs. Data accessibility,
reliability, and accuracy are critical factors in obtaining the trust of stakeholders, including
consumers, and in sustaining long-term data exchange on a large scale.3
Electronic health records can improve care by enabling functions that paper medical records
cannot deliver:
EHRs can make a patients health information available when and where it is needed
too often care has to wait because the chart is in one place and needed in another. EHRs
enable clinicians secure access to information needed to support high quality and
efficient care.
EHRs can bring a patients total health information together to support better health
care decisions, and more coordinated care.
EHRs can support better follow-up information for patients for example, after a clinical
visit or hospital stay, instructions and information for the patient can be effortlessly
provided and reminders for other follow-up care can be sent easily or even
automatically to the patient.
EHRs can improve patient and provider convenience patients can have their
prescriptions ordered and ready even before they leave the providers office, and
insurance claims can be filed immediately from the providers office.5
It would certainly not be out of place to mention here that it will be particularly useful to review 45
CFR Part 164 for Security and Privacy aspects associated with EHR/EMR design, development,
implementation, maintenance and use, as well as 45 CFR 160 for administrative requirements
associated with code sets, data entry formats and standard unique identifiers.
3. MAJOR STAKEHOLDERS
Citizens
Health care providers and payers
Education, research institutions and investigators
Government departments and institutions
Public health agencies and NGOs
Pharmaceutical industry and medical device makers
Telemedicine institutions
Software and hardware vendors
Australia
HealthConnect
Austria
ELGA
Canada
EHRS Blueprint
Denmark
MedCom
England
Spine
Hong Kong
eHR Infrastructure
Conducted by Conducted by Medical Informatics Group, C-DAC, as part of Project for Building Distributed
National EHR funded by DIT, MCIT, Govt. of India
10
Netherlands
AORTA
Singapore
EMRX
Sweden
Taiwan
11
12
13
Goals
Promote interoperability and where necessary be specific about certain content exchange
and vocabulary standards to establish a path forward toward semantic interoperability
Support the evolution and timely maintenance of adopted standards
14
15
Transport Standards
(i.e., standards used to establish a common, predictable, secure communication protocol
between systems)
16
SOAP, originally defined as ''Simple Object Access Protocol'', is a protocol specification for
exchanging structured information in the implementation of Web Services in computer
networks. It relies on Extensible Markup Language (XML) as its message format, and usually
relies on other Application Layer protocols (most notably Remote Procedure Call (RPC) and
HyperText Transfer Protocol (HTTP)) for message negotiation and transmission. SOAP can form
the foundation layer of a web services protocol stack, providing a basic messaging framework
upon which web services can be built. The SOAP architecture consists of several layers of
specifications for message format, message exchange patterns (MEP), underlying transport
protocol bindings, message processing models, and protocol extensibility.
Purpose
General
Encryption
and A symmetric 128 bit fixed-block cipher algorithm
Decryption of Electronic Health capable of using a 128, 192, or 256 bit encryption key
Information
must be used
Adopted Standard
17
Description
Any encryption algorithm identified by the National Institute of Standards
and Technology (NIST) as an approved security function in Annex A of the
Federal Information Processing Standards (FIPS) Publication 1402
Access control
Emergency access
Automatic log-off
Audit log
Integrity
Authentication
18
information
General encryption
Optional
Terminologies and classifications are integral to medical research, public health reporting, and
healthcare payment analysis. They are essential to achieve interoperability for a successful
India wide health information system that results in increased patient safety.
Clinical Standards
Clinical standards are health information standards to capture a patient's health information in
a more coherent manner. This health information can include all or part thereof as relevant of
the following:
The illness a patient is suffering from
The physician's observation of the patient's illness
The diagnostic tests that need to be carried out to ascertain the patients illness and to give
the patient better treatment
The results of the diagnostic tests
The kind of treatment to be given to the patient
The way the treatment should be given to the patient
Class
Comments
19
RXNORM/ATC-AHFS
Medicines
Pharmacologic-Therapeutic
Needs to be researched
as there is no universal
20
Classification/NDC
national drug classification,
FDB-first databank (USA)
Indian Drugs MIMS/CIMS
from CMPmedica
Dictionary of Medicine & Medicines & Medical devices
Devices, UK
LOINC
Clinical Laboratory Observations
Messaging
Phase 2
DSM
Psychiatric conditions
NIC/NOC/NANDA
ADA
CDT 2, US
Nursing
Dental
Dental Procedures
Standards
21
HL7 v2.x
HL7 v3
HL7 Clinical Document Architecture (CDA)
EHR - System Functional Model
National
Electrical Digital Imaging and Communications in Medicine (DICOM PS 3.0
Manufacturers
Association 2004 onwards)
(NEMA)
Office of National Coordinator EHR Meaningful Use
for
Health
Information
Technology (ONCHIT) United
States
Table 7: Health Informatics Standards
Issues
Unique Identification
Interoperability / Sharing
Integrated systems require consistent use of standards in e.g. medical terminologies and
high quality data to support information sharing across wide networks
Ethical, legal and technical issues linked to accuracy, security confidentiality and access
rights.
Common record architectures, structures
Clinical information standards and communications protocols
Trends
Patient Occupation
Patient Address Type
Patient Address Line 1
Patient Address Line 2
Patient
City/Town/Village/Police
Station
Patient District
Patient State
Patient Pin Code
Patient Phone Type
Data Type
Data
Format/Values
Length
Numeric
12
As per Aadhar Specifications
Alphanumeric 50
To be split into First Name,
Middle Name and Last (Family)
Name
Date
Fixed
dd.mm.YYYY
Numeric
9
dd.mm.yyy
Alphanumeric 1
To be shortened to one byte as
M, F, U or T. Systems should
translate and show the full
form on user screens
Alphanumeric 50
Alphanumeric 9
Current/Permanent/Previous
Alphanumeric 25
Alphanumeric 25
Alphanumeric 25
LOV List of values
Status
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
25
25
25
9
Mandatory
Mandatory
Optional
Optional
Numeric
Numeric
20
12
Alphanumeric 50
Alphanumeric
Mandatory
Mandatory
Optional
Mandatory
Mandatory
Mandatory
Mandatory
Mandatory
Optional
Mandatory
Optional
Mandatory
Mandatory
Spouse/Parent/Child/Partner/
Cousin/Friend/Neighbour/
Mandatory
23
Emergency
Contact
Person Address Type
Emergency
Contact
Person Address Line 1
Emergency
Contact
Person Address Line 1
Emergency
Contact
Person Address Line 2
Emergency
Contact
Person
City/Town/Village/
Police Station
Emergency
Contact
Person District
Emergency
Contact
Person State
Emergency
Contact
Person Pin Code
Emergency
Contact
Person Phone Type
Alphanumeric 9
Emergency
Contact
Person Phone Number
Care Provider UID
Care Provider Name
Care Provider Address
Type
Care Provider Address
Line 1
Care Provider Address
Line 2
Care
Provider
City/Town/Village/
Police Station
Care Provider District
Care Provider State
Care Provider Pin Code
Care Provider Phone
Type
Numeric
Other
Current/Permanent/Previous
Mandatory
Alphanumeric 25
Mandatory
Alphanumeric 25
Mandatory
Alphanumeric 25
Optional
Alphanumeric 25
Mandatory
Alphanumeric 25
Mandatory
Alphanumeric 25
Mandatory
Alphanumeric 25
Optional
Alphanumeric 9
Landline/Mobile/PP-Landline/ Optional
Neighbour Landline/Relation
Landline
/Neighbour
Mobile/Relation Mobile
(099)9999999999
Optional
20
Numeric
12
Alphanumeric 50
Alphanumeric 9
Mandatory
Mandatory
Mandatory
Alphanumeric 25
Mandatory
Alphanumeric 25
Optional
Alphanumeric 25
Mandatory
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
Mandatory
Mandatory
Optional
Optional
25
25
25
9
24
4
255+
255+
255+
255+
255+
Mobile/Relation Mobile
(099)9999999999
New/Ongoing
9999 no prefixed 0
Optional
Optional
Optional
mandatory if
Episode
Type
is
enabled
Encounter Number
Reason for Visit
Present History
Past History
Family History
Menstrual & Obstetric
History
Numeric
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
Socio-economic History
Immunization History
Alphanumeric 255+
Alphanumeric
Numeric
999 no preceding 0
Optional
Numeric
999 no preceding 0
Optional
Numeric
Floating
3
6,2
999 no preceding 0
999.99
Optional
Optional
Alphanumeric 6
Oral/Armpit/Groin/Rectal
Numeric
999 no preceding 0
Mandatory if
Temperature
is captured
Optional
Floating
6,2
Floating
6,2
Alphanumeric 255+
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
255+
255+
11
10
9999 no prefixed 0
Mandatory
Optional
Optional
Optional
LMP, Cycle Duration, Gravida, Optional
Parity to be captured as
structured data. LMP: date
type; Cycle Duration, Gravida,
Parity: numeric type;
Optional
999.99
999.99
Provisional/Final
Coding system dependent
Optional
Optional
Optional
Optional
Mandatory
Mandatory
Mandatory
25
Diagnosis
Treatment
Plan
Investigations
Treatment
Plan
Medication
Treatment
Plan
Procedure
Treatment Plan Referral
Other Treatment Plan
Type
Other Treatment Plan
Details
Alphanumeric 255+
Alphanumeric 255+
Mandatory
Optional
Alphanumeric 255+
Optional
Alphanumeric 255+
Optional
Alphanumeric 255+
Alphanumeric 10
Optional
Optional
Outcome
Alphanumeric 9
Diet/Life-style/ Others
Alphanumeric 255+
New
Visit/Better/Worse/Same/Fatal
Mandatory if
Other
Treatment
Type
is
selected
Mandatory
26
7. Other
Standards
Hardware
Connectivity
The EMR should be able to harness any telecommunications-related connectivity like the
Internet, LAN, WAN, WAP, CDMA, GSM or even Cloud Computing that will permit the
various EMRs of an individual to be integrated into a single life-long electronic health record
The connectivity must be true, have better 99.9% uptime and is able to allow data exchange
at sufficient speeds to allow one single EMR to be exchanged and displayed on the
requesting system in 1 second of request, irrespective of the distance between the system
making the request and the one executing it
The data exchange must be done in a secure manner to ensure data validity and nonrepudiability
The data exchange must further ensure that data integrity is maintained at all times
Software
It was concluded that the software should
Conform to the specified standards
Satisfy specified requirements
Be Interoperable
27
28
(viii)
Denial of information
30
(x) Digital signatures may be used to prevent non-repudiation based on the specifics of the
use case.
Reference Guidelines for Digital Signatures, available at
http://egovstandards.gov.in/guidelines/Guidelines%20for%20Digital-signature/view
Additional Reference Guidelines for Information Security , available at
http://egovstandards.gov.in/guidelines/guidelines-for-information-security/view
Sub Committee of Task group III is placed at Annexure III.
31
9. DATA SECURITY
Technical Security Guidelines:
(i) Electronic Data Storage:
a. All information marked as PHI (Personal Health Indicators) should be encrypted.
Encryption level should be at least 128 bit. This model has to be followed for any PHI
data stored in mobile devices like cell phones, tablets, etc
b. Passwords should be stored as a one way hash to prevent any chance of thefts
c. Storage of data should be in a manner that it will withstand deterioration, corruption
and unauthorized destruction
(ii ) Electronic Data Transmission:
a. All data should be transmitted using SSL2 (minimum 128bit)
b. Digital signatures may be used to prevent non-repudiation based on the specifics of the
use case. If the EMR documents need to be upheld in a court of law, use of digital
signatures is a must.
(iii) Data Access:
a. In any application that uses EMR, there has to be a role based access control system.
In order to do so, the following guidelines need to be followed
i. Categorize and breakdown health data into logical and reasonable elements or
entities.
ii. Identify individual roles or job functions.
iii. Establish context and conditions of data use at a specific point in time, and
within a specific setting.
b. There is no restriction on the roles that the organization requires to perform its
activities, but it is recommended to closely mirror the roles documented in SNOMED
CT.
c. Audit and control procedures to ensure appropriate use of data by users as well as
detection of unauthorized individuals
(iv) Data Sharing:
a. Identifiable health information should not be disclosed without the informed consent of
the identified individual(s) except as required by law or for communication between the
patients current health care provider team.
b. When information is released pursuant to the individuals authorization the party
receiving the health information shall not further redisclose the information without the
individuals authorization to disclose the health information except in an emergency
treatment situation.
32
c. Aggregate data sharing for research, etc, should ensure that patient identity information
is de-identified so that there cannot be any link made back to the patient. Mechanisms
like k- anonymity maybe used to ensure patient privacy in this case.
(v) Data Audit:
a. The electronic health record system and other health information systems should be
designed to verify the identity
i. of the user and record each access to the record/database and
ii. the action taken (read, copy, update, etc).
b. In addition to documenting the access by
i. time, date, and individual it is also recommended that the
ii. purpose of the access be documented. Many authorizations
iii. contain a purpose statement that could be related to access.
iv. Internal organizational users should provide a purpose by
v. category (for example, patient treatment, patient billing, utilization
vi. Management, etc.).
c. There has to be a mechanism to identify source of each datum in the database.
(vi) General Software / Application Requirements:
a. Software should have a design safeguards to prevent allocation of data to the wrong
patient.
b. Software should ensure that Patient record is changed only via an amendment process.
Also, the amended current version should be maintained along with the previous
versions ensuring that data is not deleted.
Administrative Guidelines:
Certification Process:
a. A periodic certification / audit process (maybe yearly) is necessary to ensure compliance
b. Certification process has to cover artifacts that helps audit the following areas
i. Access by authorized users
ii. Appropriate use of health information
iii. Disclosure of health information
iv. Protection of data integrity
v. Amending health information
vi. Authentication of users
vii. Encryption of health information
viii. Use of digital signatures
ix.
Use of audit findings.
x.
Software change management process
xi.
Computer network vulnerabilities
xii. Physical Security measures
c. There has to be at least one person in the organization who would be trained as a Chief
Compliance Officer
33
d. There has to be a Incident Reporting process that would be used to report incidences
of non-compliance
e. Agreements with vendors and other business partners reinforce the commitment to
protect the confidentiality of health information. Organizations may also use
confidentiality agreements with staff to reinforce commitment to maintaining the
confidentiality of health information.
34
10.
(1)
(2)
(3)
(4)
(5)
(6)
(7)
(8)
(9)
(10)
(11)
REFERENCES
35
11.
Annexures
Annexure I
GO related to Sub-Groups Formation
Dated: 19 /10/2010
OFFICE MEMORANDUM
Subject: -
aspects/complaints,
guidelines
and
reports
already
available.
The Group Heads and the members of the sub groups are
requested to complete the tasks assigned to them within the stipulated
time frame as per the TOR.
Payment : All non-official members of the Sub-Groups, who are
outstation, will be eligible for reimbursement of air travel by the economy
class / shortest direct route and per diem @ Rs. 1000/- and other nonofficial members per diem @ Rs. 1000/- for the Sub-Groups meetings. Out
station non-official members will also be entitled for reimbursement of
hotel accommodation expenses as per actual subject to a ceiling of Rs.
5000/-. TA /DA of official members of the Sub-Groups for attending the
meetings shall be met from the same source from which their salary is
drawn.
This issues with the approval of Secretary (Health & Family
Welfare).
(V. P. Singh)
Deputy Secretary to the Govt. of India
Ph. No.2306 2791
To
All the members of the EMR Standard Committee / Sub-Groups (As per
list)
Copy to: PPS to HFM/ PPS to MOS(DT)/ PPS to Secretary (H&FW)/
PPS to DGHS/ PPS to AS & DG, CGHS /PS to JS (H)
37
Annexure II
Sub- Committee of Task Group III
Sl.
No.
1.
Names
Prof. Saroj K. Mishra
Sanjay Gandhi PG Inst. of Medical Sciences
2.
3.
4.
5.
6.
7.
8.
9.
38
ANNEXURE III
Preparatory Process for Draft Recommendations
Committee Discussions
39
ANNEXURE IV
Glossary of Medical Terms
[A]
Access: The patients ability to obtain medical care. The ease of access is determined by such
components as the availability of medical services and their acceptability to the patient, the location of
health care facilities, transportation, hours of operation and cost of care. Access describes an
individuals ability to obtain appropriate health care services. Barriers to access can be financial
(insufficient monetary resources), geographic (distance to providers), organizational (lack of available
providers) and sociological (e.g., discrimination, language barriers). Efforts to improve access often focus
on providing/improving health coverage.
Actively-at-Work: Describes insurers policy requirement indicating that coverage will not go into effect
until the employees first day of work on or after the effective date of coverage. May also apply to
dependents disabled on the effective date.
Activities of Daily Living: (ADLs, ADL) - An individuals daily habits such as bathing, dressing and eating.
ADLs are often used as an assessment tool to determine an individuals ability to function at home, or in
a less restricted environment of care.
Addendum: Text that is added to a document after it has been finalized.
Adjudication: Processing claims according to contract.
ADSL (Asymmetric Digital Subscriber Line): A type of DSL that uses copper telephone lines to transmit
data faster than a traditional modem. ADSL only works within short distances because it uses high
frequencies with short signals.
Alerts: Pop-ups or reminders. An automated warning system such a clinical alerts, preventive health
maintenance, medication interactions etc.
Allergy List: This is a list of all the patients allergies.
Allowed Charge: is the amount, that Medicare approves for payment to a physician, but this amount
may not match the amount the physician gets paid by Medicare (due to co-pay or deductibles) and
usually does not match what the physician charges patients. Medicare normally pays 80 percent of the
approved charge and the beneficiary pays the remaining 20 percent. The allowed charge for a
nonparticipating physician is 95 percent of that for a participating physician. Non-participating
physicians may bill beneficiaries for an additional amount above the allowed charge. The CMS
intermediary in each state publishes these rates.
Allowable Costs: Covered expenses within a given health plan reflecting Items or elements of an
institutions costs, which is reimbursable under a payment formula. Both Medicare and Medicaid
reimburse hospitals on the basis of only certain costs. Allowable costs may exclude, for example, luxury
travel or marketing. CMS publishes an extensive list of rules governing these costs and provides
software for determining costs. Normally the costs which are not reasonable expenditures, which are
unnecessary, which are for the efficient delivery of health services to persons covered under the
40
program in question and are not reimbursed. The most common form of cost reimbursement is the
cost report methodology used for DRG-exempt services, such as many out-patient hospital based
programs, long-term care and skilled nursing units, physical rehab, psychiatric and substance abuse
inpatient programs. Some specialty hospitals receive all of their CMS reimbursement as cost based
reimbursement.
Ambulatory care: Any medical care delivered on an outpatient basis.
Annotator: A system function that allows an explanatory note or diagram to be added to an image.
Appointment Scheduler: The appointment scheduler which takes charge of your appointment tracking,
fixing and blocking.
ASP: Application Service Provider (a.k.a. - Web based)
ASP (Applications Service Provider): Application service provider is a business that provides computer
based services to customers over a network. Usually web based, within the EHR/EMR solution paradigm
it is a remotely hosted program and database. Advantages are reduced initial investment in hardware
and reduced responsibility in maintenance of server and data. The disadvantages are completely
dependent on internet connectivity and on the server host speed to access images, scanned documents,
etc. Long term cost is frequently greater.
ASP (Active Server Page): is dynamically generated web page with the use of ActiveX scripting, which
executes on the server instead on the Web browser (HTML). The Server executes the file and generates
an HTML formatted page for Search Engine Spiders or Web Browsers so it can be displayed properly.
Authentication: The verification of the identity of a person or process.
Authorization: Any document designating any permission. The HIPAA Privacy Rule requires
authorization or waiver of authorization for the use or disclosure of identifiable health information for
research (among other activities). The authorization must indicate if the health information used or
disclosed is existing information and/or new information that will be created. The authorization form
may be combined with the informed consent form, so that a patient need sign only one form. An
authorization must include the following specific elements: a description of what information will be
used and disclosed and for what purposes; a description of any information that will not be disclosed, if
applicable; a list of who will disclose the information and to whom it will be disclosed; an expiration date
for the disclosure; a statement that the authorization can be revoked; a statement that disclosed
information may be re-disclosed and no longer protected; a statement that if the individual does not
provide an authorization, she/he may not be able to receive the intended treatment; the subjects
signature and date.
[B]
Balance Billing: The practice of billing a patient for the fee amount remaining after insurer payment and
co-payment have been made. Under Medicare, the excess amount cannot be more than 15 percent
above the approved charge.
41
Balance Forward: An accounting reference for the amount outstanding on an account transferred from
another billing system. Primarily used during data migration from your legacy system to your new
Medinformatix system
Bed Days: Number of inpatient hospital days per 1,000 health plan members for a specified period,
usually annual.
Behavioral Health, Behavioral Healthcare: An umbrella term that includes mental health, psychiatric,
marriage and family counseling, addictions treatment and substance abuse. Services are provided by a
myriad of providers, including social workers, counselors, psychiatrist, psychologists, neurologists and
even family practice physicians. Many states have parity laws that attempt to require that behavioral
health insurance coverage be provided on par to physical health coverage.
Beneficiary (Also eligible; enrollee; member): Individual who is either using or eligible to use insurance
benefits, including health insurance benefits, under an insurance contract. It describes any person
eligible as either a subscriber or a dependent for a managed care service in accordance with a contract.
An individual who receives benefits from or is covered by an insurance policy or other health care
financing program.
Billed Claims: Fees submitted by a health care provider for services rendered to a covered person. Fees
billed and fees paid are rarely synonymous.
BMI (Body Mass Index): Calculation based on height and weight. This is similar to percent body fat and
demonstrates how much effect a persons weight is on their health.
BMI charts: BMI charts within EMR systems can manipulate data, perform calculations, and adapt to
user preferences and patient characteristics, users may expect greater functionality from electronic BMI
charts.
BSA (Body Surface Area): In physiology and medicine, the body surface area (BSA) is the measured or
calculated surface of a human body. For many clinical purposes BSA is a better indicator of metabolic
mass than body weight because it is less affected by abnormal adipose mass. Estimation of BSA is
simpler than many measures of volume.
[C]
Continuity of Care Document (CCD):
Continuity of Care Record (CCR): The continuity of care record is a standardized electronic snapshot of a
patients medical, insurance, and demographic information at any given point in time. Standardization
was established by the Healthcare Information and Management Systems Society (HIMSS), the American
Academy of Family Physicians (AAFP), other medical societies, and vendors and others in the healthcare
informatics industry. Data are transmitted in XML, a standard transmission language, enabling a
patients CCR to be shared among any number of providers. Each provider may make additions or
changes to the information in a patients CCR, which is kept up-to-date in real time. While not all of the
patients information is in the CCRdistinguishing it from most full-function electronic PHRscritical
information is available that may be useful in referrals, travel situations, and emergencies
42
Capitated payments: Payment for healthcare services based on the number of patients who are covered
for specific services over a specified period of time rather than the cost or number of services that are
actually provided.
Case Manager: A nurse, doctor, or social worker who works with patients, providers and insurers to
coordinate all services deemed necessary to provide the patient with a plan of medically necessary and
appropriate health care.
Case Management: Method designed to accommodate the specific health services needed by an
individual through a coordinated effort to achieve the desired health outcome in a cost effective
manner. The monitoring and coordination of treatment rendered to patients with specific diagnosis or
requiring high-cost or extensive services. Case management is the process by which all health-related
matters of a case are managed by a physician or nurse or designated health professional. Physician case
managers coordinate designated components of health care, such as appropriate referral to consultants,
specialists, hospitals, ancillary providers and services. Case management is intended to ensure
continuity of services and accessibility to overcome rigidity, fragmented services, and the missutilization of facilities and resources. It also attempts to match the appropriate intensity of services with
the patients needs over time.
Case Severity: A measure of intensity or gravity of a given condition or diagnosis for a patient. May have
direct correlation with the amount of service provided and the associated costs or payments allowed.
CCHIT: Acronym for Certification Commission for Healthcare Information Technology is the recognized
certification authority for electronic health records and their networks, and an independent, voluntary,
private-sector initiative.
Chain of Trust Agreement: Referred to in HIPAA rules, this is a contract needed to extend the
responsibility to protect health care data across a series of sub-contractual relationships.
CHAMPUS: Civilian Health and Medical Program of the Uniformed Services.
Charges: These are the published prices of services provided by a facility. CMS requires hospitals to
apply the same schedule of charges to all patients, regardless of the expected sources or amount of
payment. Controversy exists today because of the often wide disparity between published prices and
contract prices. The majority of payers, including Medicare and Medicaid, are becoming managed by
health plans that negotiate rates lower than published prices. Often these negotiated rates average 40%
to 60% of the published rates and may be all-inclusive bundled rates.
Chart Note: A document, written by the clinician or provider, which describes the details of a patients
encounter. It is sometimes referred to as a progress note.
Chief Complaint (CC)/Reason for Consultation (RFC)/Reason for Visit (ROV): for recording a patients
disease symptoms.
Citrix Server: A server solution, similar to Microsoft Terminal Services that provides remote access to
clients via the web or to dummy terminals in a network.
Clearinghouse: A company that provides clearing and settlement services for medical financial
transactions. Some of the more popular clearinghouses include Emdeon/WebMD, McKesson and THIN.
43
Client-Server: A network architecture which separates the client (often an application that uses a
graphical user interface) from the server.
Computerized Patient Record (CPR): Also known as an EMR or EHR. A patient's past, present, and future
clinical data stored in a server.
Computerized Physician Order Entry (CPOE): A system for physicians to electronically order labs,
imaging and prescriptions
CPT Code: A nationally recognizable five-digit number used to represent a service provided by a
healthcare provider.
Client/Server architecture: An information-transmission arrangement, in which a client program sends a
request to a server. When the server receives the request, it disconnects from the client and processes
the request. When the request is processed, the server reconnects to the client program and the
information is transferred to the client. This usually implies that the server is located on site as opposed
to the ASP (Application Server Provider) architecture.
Clinical Data Repository (CDR):A real-time database that consolidates data from a variety of clinical
sources to present a unified view of a single patient. It is optimized to allow clinicians to retrieve data for
a single patient rather than to identify a population of patients with common characteristics or to
facilitate the management of a specific clinical department.
Clinical Decision support system (CDSS): A clinical decision support system (CDSS) is software designed
to aid clinicians in decision making by matching individual patient characteristics to computerized
knowledge bases for the purpose of generating patient-specific assessments or recommendations.
Clinical Guidelines (Protocols): Clinical guidelines are recommendations based on the latest available
evidence for the appropriate treatment and care of a patients condition.
Clinical messaging: Communication of clinical information within the electronic medical record to other
healthcare personnel.
Claim: A request by an individual (or his or her provider) to that individuals insurance company to pay
for services obtained from a health care professional.
Claims Review: The method by which an enrollees health care service claims are reviewed prior to
reimbursement. The purpose is to validate the medical necessity of the provided services and to be sure
the cost of the service is not excessive.
CMS (formerly HCFA) : The Centers for Medicare & Medicaid Services (CMS), previously known as the
Health Care Financing Administration (HCFA), is a federal agency within the United States Department of
Health and Human Services (DHHS) that administers the Medicare program and works in partnership
with State governments to administer Medicaid, the State Childrens Health Insurance Program (SCHIP),
and health insurance portability standards.
CMS-1450: The uniform institutional claim form.
CMS-1500: The uniform professional claim form.
44
45
Cost Sharing: Payment method where a person is required to pay some health costs in order to receive
medical care. The general set of financing arrangements whereby the consumer must pay out-of-pocket
to receive care, either at the time of initiating care, or during the provision of health care services, or
both. This includes deductibles, coinsurance and co-payments, but not the share of the premium paid by
the person enrolled.
Current Procedural Terminology (CPT): A standardized mechanism of reporting services using numeric
codes as established and updated annually by the AMA. It is a manual that assigns five digit codes to
medical services and procedures to standardize claims processing and data analysis. The coding system
for physicians services developed by the CPT Editorial Panel of the American Medical Association; basis
of the Medicare coding system for physicians services. A medical code set of physician and other
services, maintained and copyrighted by the American Medical Association (AMA), and adopted by the
Secretary of HHS as the standard for reporting physician and other services on standard transactions.
See Coding.
Customary, prevailing, and reasonable (CPR): Current method of paying physicians under Medicare.
Payment for a service is limited to the lowest of (1) the physicians billed charge for the service, (2) the
physicians customary charge for the service, or (3) the prevailing charge for that service in the
community. Similar to the Usual, Customary, and Reasonable system used by private insurers.
[D]
Database Management System (DBMS): The separation of data from the computer application that
allows entry or editing of data.
Data Content: Under HIPAA, this is all the data elements and code sets inherent to a transaction, and
not related to the format of the transaction.
Decision Support System: Computer technologies used in healthcare that allow providers to collect and
analyze data in more sophisticated and complex ways. Activities supported include case mix, budgeting,
cost accounting, clinical protocols and pathways, outcomes, and actuarial analysis.
Deductibles: Amounts required to be paid by the insured under a health insurance contract, before
benefits become payable. This is usually expressed in terms of an annual amount.
DICOM (Digital Imaging and Communications in Medicine): Digital Imaging and Communications in
Medicine (DICOM) is a standard to aid the distribution and viewing of medical images, such as CT scans,
MRIs, and ultrasound.
Digital Imaging and Communications in Medicine (DICOM): A standard to define the connectivity and
communication between medical imaging devices.
Disease Management: A type of product or service now being offered by many large pharmaceutical
companies to get them into broader healthcare services. Bundles use of prescription drugs with
physician and allied professionals, linked to large databases created by the pharmaceutical companies,
to treat people with specific diseases. The claim is that this type of service provides higher quality of
care at more reasonable price than alternative, presumably more fragmented, care. The development of
such products by hugely capitalized companies should be the entire indicator necessary to convince a
provider of how the healthcare market is changing. Competition is coming from every directionother
46
providers of all types, payers, employers who are developing their own in-house service systems, the
drug companies.
Document Imaging: Is a process of converting paper documents into an electronic format usually
through a scanning process.
Documentation: The process of recording information.
Document Management: The Document Manager allows the medical institution to store vital patient
documents such as X-Rays, Paper Reports, and Lab Reports etc.
Drug Formulary: Varying lists of prescription drugs approved by a given health plan for distribution to a
covered person through specific pharmacies. Health plans often restrict or limit the type and number of
medicines allowed for reimbursement by limiting the drug formulary list. The list of prescription drugs
for which a particular employer or State Medicaid program will pay. Formularies are either closed,
including only certain drugs or open, including all drugs. Both types of formularies typically impose a
cost scale requiring consumers to pay more for certain brands or types of drugs. See also Formulary.
Drug Formulary Database: This EMR feature is used for electronic prescribing, electronic medical record
(EMR), and computerized physician order entry (CPOE) systems to present formulary status to the
provider while during the prescribing decision.
[E]
E/M level coding: Evaluation and Management level coding documentation of each visit which
identifies each service provided during an office visit.
EDI: Acronym for Electronic Data Interchange. Electronic communication between two parties, generally
for the filing of electronic claims to payers.
EDI Translator: Used in electronic claims and medical record transmissions, this is a software tool for
accepting an EDI transmission and converting the data into another format, or for converting a non-EDI
data file into an EDI format for transmission. See also Electronic Data Interchange.
Effective Date: The date on which a policys coverage of a risk goes into effect.
Electronic health records (EHR): is a distributed personal health record in digital format. The EHR
provides secure, real-time, patient-centric information to aid clinical decision-making by providing
access to a patients health information at the point of care.
Electronic Claim: A digital representation of a medical bill generated by a provider or by the providers
billing agent for submission using telecommunications to a health insurance payer. Most claims are
electronically submitted.
Electronic Data Interchange (EDI): The automated exchange of data and documents in a standardized
format. In health care, some common uses of this technology include claims submission and payment,
eligibility, and referral authorization. This refers to the exchange of routine business transactions from
one computer to another in a standard format, using standard communications protocols.
47
Electronic Medical Records (EMR): A computer-based record containing health care information. This
technology, when EMR fully developed, meets provider needs for real-time data access and evaluation
in medical care. Together with clinical workstations and clinical data repository technologies, the
provides the mechanism for longitudinal data storage and access. A motivation for healthcare entities to
implement this technology derives from the need for medical outcome studies, more efficient care,
speedier communication among providers and management of health plans. This record may contain
some, but not necessarily all, of the information that is in an individuals paper-based medical record.
One goal of HIPAA is to protect identifiable health information as the system moves from a paper-based
to an electronic medical record system. See also Computerized Medical Record.
EMR: Acronym for Electronic Medical Records. A computerized record of a patient's clinical,
demographic and administrative data. Also known as a computer-based patient record (CPR) or
electronic health record (EHR).
Electronic Eligibility: this EMR feature access a payer to deliver up-to-date insurance benefits eligibility
information on patients.
Electronic Health Records (EHR): Patient health records including treatment history, medical test
reports, and images stored in an electronic format that can be accessed by healthcare providers on a
computer network
EPR: Broadly defined, a personal health record is the documentation of any form of patient
informationincluding medical history, medicines, allergies, visit history, or vaccinationsthat patients
themselves may view, carry, amend, annotate, or maintain. Today, when we refer to PHRs, we typically
mean an online personal health recordwhich may variously be referred to as an ePHR, an Internet PHR,
an Internet medical record, or a consumer Internet Medical Record (CIMR). Generally, such records are
maintained in a secure and confidential environment, allowing only the individual, or people authorized
by the individual, to access the medical information. Not all electronic PHRs are Internet PHRs. PC-based
PHRs may be set up to capture medical information offline.
Electronic Super bill: An electronic encounter form used for coding and billing.
EPR (Electronic Patient Record): Electronically maintained information about an individuals lifetime
health status and healthcare from all specialties.
Evidence based medicine: Evidence-based medicine (EBM) is the integration of best research evidence
with clinical expertise to aid in the diagnosis and management of patients.
Explanation of Benefits (EOB): A statement from the patient's insurance company that breaks down
services rendered at time of doctor or hospital visit and amounts covered by insurance provider
[F]
Face Sheet: Also called a Summary Screen or Patient Dashboard. This screen includes a summary of
patient relevant information on one screen.
Family History: A list of the patients family medical history including the chronic medical problems of
parents, siblings, grandparents, etc.
48
Fee Schedules: A set maximum fee that an insurance company will pay a healthcare provider, it is a list
of all CPT and HCPCS codes and their corresponding charges. This can be variable based on insurance.
Fee schedules are usually associated with a particular payer and reflect the reimbursement rates
negotiated under the contract.
Fee-for-service: A health insurance plan that allows policyholders to pay for any provider service, submit
a claim to the insurance company, and get reimbursed if the service is covered by the insurance
provider
First DataBank: The leading provider of drug information. Provides context and integration information
for healthcare of every type at every level.
Formatting and Protocol Standards: Data exchange standards which are needed between CPR systems,
as well as CPT and other provider systems, to ensure uniformity in methods for data collection, data
storage and data presentation. Proactive providers are current in their knowledge of these standards
and work to ensure their information systems conform to the standards.
Formulary: An approved list of prescription drugs; a list of selected pharmaceuticals and their
appropriate dosages felt to be the most useful and cost effective for patient care. Organizations often
develop a formulary under the aegis of a pharmacy and therapeutics committee. In HMOs, physicians
are often required to prescribe from the formulary. See also Drug Formulary.
[G]
Growth Chart: A feature for a Primary Care or EMR that can be used for paediatric patients. Age, height,
weight, and head measurements can be entered over the patient's lifetime, and the feature creates a
line graph.
Group Insurance: Any insurance policy or health services contract by which groups of employees (and
often their dependents) are covered under a single policy or contract, issued by their employer or other
group entity.
Group Model HMO, Group Network HMO: An HMO that contracts with one or more independent group
practice to provide services to its members in one or more locations. Health care plan involving
contracts with physicians organized as a partnership, professional corporation, or other legal
association. It can also refer to an HMO model in which the HMO contracts with one or more medical
groups to provide services to members. In either case, the payer or health plan pays the medical group,
which is, in turn, is responsible for compensating physicians. The medical group may also be responsible
for paying or contracting with hospitals and other providers.
Group Practice: A group of persons licensed to practice medicine in the State, who, as their principal
professional activity, and as a group responsibility, engage or undertake to engage in the coordinated
practice of their profession primarily in one or more group practice facilities, and who in their
connection share common overhead expenses if and to the extent such expenses are paid by members
of the group, medical and other records, and substantial portions of the equipment and the
professional, technical, and administrative staffs. Group practices use the acronyms PA, IPA, MSO and
others. Group practices are far more common now than a decade ago because physicians seek to lower
costs, increase contracting power and share payer contracts.
49
[H]
Health and Human Services (HHS): The Department of Health and Human Services that is responsible
for health-related programs and issues. Formerly it was known as HEW, the Department of Health,
Education, and Welfare. The Office of Health Maintenance Organizations (OHMO) is part of HHS and
detailed information on most companies is available here through the Freedom of Information Act.
HCFA (CMS-1500 Form): The insurance claim form that a healthcare provider turns in to an insurance
company
HCFA 1500: The Health Care Finance Administrations standard form for submitting provider service
claims to third party companies or insurance carriers. HCFA is now called CMS, see CMS.
HCFA-1450: More commonly known as the UB-92 (Universal Bill). This is also an insurance claim form,
but is used for hospital visits and rural health claims. It is characterized by including more procedure
level reporting lines, as well as place for information such as hospital days.
Health: The state of complete physical, mental, and social well-being and not merely the absence of
disease or infirmity. It is recognized, however, that health has many dimensions (anatomical,
physiological, and mental) and is largely culturally defined. The relative importance of various disabilities
will differ depending upon the cultural milieu and the role of the affected individual in that culture. Most
attempts at measurement have been assessed in terms or morbidity and mortality.
Health Care, Healthcare: Care, services, and supplies related to the health of an individual. Health care
includes preventive, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care, and
counseling, among other services. Healthcare also includes the sale and dispensing of prescription drugs
or devices.
Health Care Clearinghouse: A public or private entity that does either of the following (Entities,
including but not limited to, billing services, reprising companies, community health management
information systems or community health information systems, and value-added networks and
switches are health care clearinghouses if they perform these functions): 1) Processes or facilitates the
processing of information received from another entity in a nonstandard format or containing
nonstandard data content into standard data elements or a standard transaction; 2) Receives a standard
transaction from another entity and processes or facilitates the processing of information into
nonstandard format or nonstandard data content for a receiving entity. This term is used in the HIPAA
rules.
Health Care Financing Administration (HCFA): The federal government agency within the Department
of Health and Human Services which directs and oversees the Medicare and Medicaid programs (Titles
XVIII and XIX of the Social Security Act) and conducts research to support those programs. It is now
called CMS and generally it oversees the states administrations of Medicaid, while directly
administering Medicare. See CMS, or Center for Medicare and Medicaid Services.
Health Care Operations: Institutional activities that are necessary to maintain and monitor the
operations of the institution. Examples include but are not limited to: conducting quality assessment
and improvement activities; developing clinical guidelines; case management; reviewing the
competence or qualifications of health care professionals; education and training of students, trainees
and practitioners; fraud and abuse programs; business planning and management; and customer
50
service. Under the HIPAA Privacy Rule, these are allowable uses and disclosures of identifiable
information without specific authorization. Research is not considered part of health care operations.
Health Care Provider: Providers of medical or health care or researchers who provide health care are
health care providers. Normally health care providers are clinics, hospitals, doctors, dentists,
psychologists and similar professionals.
Healthcare Provider Taxonomy Codes: An administrative code set that classifies health care providers
by type and area of specialization. The code set will be used in certain adopted transactions. (Note: A
given provider may have more than one Healthcare Provider Taxonomy Code.)
Health Employer Data and Information Set (HEDIS): A set of HMO performance measures that are
maintained by the National Committee for Quality Assurance. HEDIS data is collected annually and
provides an informational resource for the public on issues of health plan quality.
Health Information: Information in any form (oral, written or otherwise) that relates to the past,
present or future physical or mental health of an individual. That information could be created or
received by a health care provider, a health plan, a public health authority, an employer, a life insurer, a
school, a university or a health care clearinghouse. All health information is protected by state and
federal confidentiality laws and by HIPAA privacy rules.
Health Insurance: Financial protection against the health care costs of the insured person. It may be
obtained in a group or individual policy.
Health Insurance Portability and Accountability Act of 1996 (HIPAA): A Federal law that allows persons
to qualify immediately for comparable health insurance coverage when they change their employment
relationships. This legislation sets a precedent for Federal involvement in insurance regulation. It sets
minimum standards for regulation of the small group insurance market and for a set group in the
individual insurance market in the area of portability and availability of health insurance. As a result of
this law, hospitals, doctors and insurance companies are now required to share patient medical records
and personal information on a wider basis. This wide-based sharing of medical records has led to privacy
rules, greater computerization of records and consumer concerns about confidentiality. In addition,
HIPAA required the creation of a federal law to protect personally identifiable health information; if that
did not occur by a specific date (which it did not), HIPAA directed the Department of Health and Human
Services (DHHS) to issue federal regulations with the same purpose. DHHS has issued HIPAA privacy
regulations (the HIPAA Privacy Rule) as well as other regulations under HIPAA. HIPAA gives HHS the
authority to mandate the use of standards for the electronic exchange of health care data; to specify
what medical and administrative code sets should be used within those standards; to require the use of
national identification systems for health care patients, providers, payers (or plans), and employers (or
sponsors); and to specify the types of measures required to protect the security and privacy of
personally identifiable health care information. This is also known as the Kennedy-Kassebaum Bill, the
Kassebaum-Kennedy Bill, K2, or Public Law 104-191.
Health Level Seven (HL7): A data interchange protocol for health care computer applications that
simplifies the ability of different vendor-supplied IS systems to interconnect. Although not a software
program in itself, HL7 requires that each healthcare software vendor program HL7 interfaces for its
products.
51
Health Maintenance Organization (HMO): HMOs offer prepaid, comprehensive health coverage for
both hospital and physician services. The HMO is paid monthly premiums or capitated rates by the
payers, which include employers, insurance companies, government agencies, and other groups
representing covered lives. The HMO must meet the specifications of the federal HMO act as well as
meeting many rules and regulations required at the state level. There are 4 basic models: group model,
individual practice association, network model and staff model. An HMO contracts with health care
providers, e.g., physicians, hospitals, and other health professionals. The members of an HMO are
required to use participating or approved providers for all health services and generally all services will
need to meet further approval by the HMO through its utilization program. Members are enrolled for a
specified period of time. HMOs may turn around and sub-capitate to other groups. For example, it may
carve-out certain benefit categories, such as mental health, and sub-capitate these to a mental health
HMO. Or the HMO may sub-capitate to a provider, provider group or provider network. HMOs are the
most restrictive form of managed care benefit plans because they restrict the procedures, providers and
benefits.
Help Desk: Service and support desk
HIPAA: The Health Insurance Portability and Accountability Act of 1996, is a set of federal regulations
which establishes national standards for health care information.
History of Present Illness (HPI): The HPI is the history of the patients chief complaint.
HL7 (Health Level 7): one of the American National Standards Institute accredited Standard Developing
Organization (SDO) - Health Level 7 domain is the standards for electronic interchange of clinical,
financial and administrative info among healthcare oriented computer systems. Is a not-for-profit
volunteer organization. It develops specifications, most widely used is the messaging standard that
enables disparate health care applications to exchange key sets of clinical and administrative data. It
promotes the use of standards within and among healthcare organizations to increase the effectiveness
and efficiency of healthcare delivery. It is an international community of healthcare subject matter
experts and information scientists collaborating to create standards for the exchange, management and
integration of electronic healthcare information.
Human Subject: Under HIPAA rules, this term refers to a living subject participating in research about
whom directly or indirectly identifiable health information or data are obtained or created.
Hybrid Record: Term used for when a provider uses a combination of paper and electronic medical
records during the transition phase to EMR.
[I]
International Classification of Diseases, Ninth Revision, Clinical Modification (ICD-9-CM, ICD-10-CM):
This is the universal coding method used to document the incidence of disease, injury, mortality and
illness. A diagnosis and procedure classification system designed to facilitate collection of uniform and
comparable health information. The ICD-9-CM was issued in 1979. This system is used to group patients
into DRGs, prepare hospital and physician billings and prepare cost reports. Classification of disease by
diagnosis codified into six-digit numbers. See also coding.
52
ICD-9: Internationally recognizable 3 to 5-digit code representing a medical diagnosis. Currently being
replaced by the ICD-10 code.
IPA: Independent Physician Association or Independent Practice Association. Group of independent
physicians that have joined together to negotiate contracts with payers, receive quantity discounts on
products
International Health Transaction Standards Development Organization (IHTSDO):
Informatics: The application of computer technology to the management of information.
Integration: Integration allows for secure communication between enterprise applications.
Interoperability: The capability to provide successful communication between end-users across a mixed
environment of different domains, networks, facilities and equipment.
Insurance Eligibility Check: to take care of the vital process of checking patients insurance eligibility
often results in billing errors, insurance coverage concerns and delays.
Immunization: A complete list of all immunizations that the patient has had.
ISP: Internet Service Provider
IT (Information Technology): The development, installation, and implementation of computer systems
and applications.
Independent Practice Association (IPA): or Organization (IPO) - A delivery model in which the HMO
contracts with a physician organization, which in turn contracts with individual physicians. The IPA
physicians practice in their own offices and continue to also see their FFS patients. The HMO reimburses
the IPA on a capitated basis; however, the IPA may reimburse the physicians on an FFS or capitated
basis.
Interface: A means of communication between two computer systems, two software applications or
two modules. Real time interface is a key element in healthcare information systems due to the need to
access patient care information and financial information instantaneously and comprehensively. Such
real time communication is the key to managing health care in a cost effective manner because it
provides the necessary decision-making information for clinicians, providers and payers.
Internal Medicine: Generally, that branch of medicine that is concerned with diseases that do not
require surgery, specifically, the study and treatment of internal organs and body systems; it
encompasses many subspecialties; internists, the doctors who practice Internal medicine, often serve as
family physicians to supervise general medical care.
[J]
J-Codes: A subset of the HCPCS Level II code set with a high-order value of J that has been used to
identify certain drugs and other items.
53
Joint Commission on the Accreditation of Healthcare Organizations (JCAHO): Formerly called JCAH, or
Joint Commission on Accreditation of Hospitals, this is the peer review organization which provides the
primary review of hospitals and healthcare providers. Many insurance companies require providers to
have this accreditation in order to seek 3rd party payment, although, many small hospitals cannot afford
the cost of accreditation. JCAHO usually surveys organizations once every 3 years, sending in a medical
and administrative team to review policies, patient records, professional credentialing procedures,
governance and quality improvement programs. JCAHO revises its standards annually.
[K]
Key Contributor Plan: This refers to a little known performance-based program with incentives for the
purpose of attracting, motivating and retaining key individuals or small groups.
[L]
LAN (Local Area Network): A LAN supplies networking capability to a group of computers in close
proximity to each other such as in an office building, a school, or a home.
Legacy Systems: Computer applications, both hardware and software, which have been inherited
through previous acquisition and installation. Most often, these systems run business applications that
are not integrated with each other. Newer systems which stress open design and distributed processing
capacity are gradually replacing such systems.
Legacy System: Term used to describe an old system (usually hardware and software), ie. old medical
billing software system.
Legacy System Integration: The integration of data between a legacy system and some other software
program most commonly using HL-7 standards.
LEPR (Longitudinal Patient Record): Longitudinal Patient Record is an EHR that includes all healthcare
information from all sources.
Legend Drug: Drug that the law says can only be obtained by prescription.
Length of Stay (LOS): The duration of an episode of care for a covered person. The number of days an
individual stays in a hospital or inpatient facility. May also be reviewed as Average Length of Stay (ALOS).
Licensing: A process most States employ, which involves the review and approval of applications from
HMOs prior to beginning operation in certain areas of the State. Areas examined by the licensing
authority include: fiscal soundness, network capacity, MIS, and quality assurance. The applicant must
demonstrate it can meet all existing statutory and regulatory requirements prior to beginning
operations.
Lifetime Limit: A cap on the benefits paid under a policy. Many policies have a lifetime limit of $1
million, which means that the insurer agrees to cover up to $1 million in covered services over the life of
the policy.
[M]
54
M.A. (Medical Assistant): If certified, is referred to as CMA. Some clinics have similar positions known as
Clinical Assistants. Used in most offices as a part of the nursing staff with responsibilities including
working up patients, triaging and returning patient calls and assisting the provider in general.
MD: Medical Doctor
Management Information System (MIS): The common term for the computer hardware and software
that provides the support of managing the plan.
Master Patient / Member Index: An index or file with a unique identifier for each patient or member
that serves as a key to a patients or members health record.
Maximum Allowable Actual Charge (MAAC): A limitation on billed charges for Medicare services
provided by nonparticipating physicians. For physicians with charges exceeding 115 percent of the
prevailing charge for nonparticipating physicians, MAACs limit increases in actual charges to 1 percent a
year. For physicians whose charges are less than 115 percent of the prevailing, MAACs limit actual
charge increases so they may not exceed 115 percent.
Maximum Defined Data Set: Under HIPAA, this is all of the required data elements for a particular
standard based on a specific implementation specification. An entity creating a transaction is free to
include whatever data any receiver might want or need. The recipient is free to ignore any portion of
the data that is not needed to conduct their part of the associated business transaction, unless the
inessential data is needed for coordination of benefits.
MEDCIN: Clinical documentation nomenclature designed to provide E&M level coding assistance to
providers through the use of an extensive database for documenting patient encounters.
Medical Code Sets: Codes that characterize a medical condition or treatment. These code sets are
usually maintained by professional societies and public health organizations. Compare to administrative
code sets.
Medical Transcription: A PDA-compliant medical transcription system that manages the transcription
cycle from the beginning to end by integrating voice recording, digital scripting, delivery of voice files to
the medical transcriptionist and final transcript receipt.
Medical Calculators: A diverse range of Medical Calculators that allows the medical practitioner to make
rapid, accurate calculations within seconds, with the focus on evidence based medicine.
Medication Reviewer: is a complete list of all medications that the patient is on or had been taking at
some point.
Medical Group Practice: The American Group Practice Association, the American Medical Association,
and the Medical Group Management Association define medical group practice as: provision of health
care services by a group of at least three licensed physicians engaged in a formally organized and legally
recognized entity sharing equipment, facilities, common records and personnel involved in both patient
care and business management.
Medical Informatics: Medical informatics is the systematic study, or science, of the identification,
collection, storage, communication, retrieval, and analysis of data about medical care services to
improve decisions made by physicians and managers of health care organizations. Medical informatics
55
will be as important to physicians and medical managers as the rules of financial accounting are to
auditors.
Medical Management Information System (MMIS): A data system that allows payers and purchasers to
track health care expenditure and utilization patterns. It may also be referred to as Health Information
System (HIS), Health Information Management (HIM) or Information System (IS). See also Electronic
Medical Record (EMR).
Mid-level Practitioner: Refers to the group of providers considered to be one-level below M.D.s and
D.O.s. Physician assistants (P.A.s) and Nurse Practitioners (N.P.s) are examples.
Modifier: A two-character code added to a CPT or HCPCS code that is used to help in the reimbursement
process. For example, a modifier can be used to explain that a procedure not normally covered when
billed on the same day as another is actually a separate and significant process, or that it is a rural health
procedure that gets higher reimbursement. Up to 4 modifiers can be attached to each CPT, although in
most cases only 1 or 2 are used.
Multi-Specialty Group: A group of doctors who represent various medical specialties and who work
together in a group practice.
[N]
National Council for Prescription Drug Programs: An ANSI-accredited group that maintains a number of
standard formats for use by the retail pharmacy industry, some of which have been adopted as HIPAA
standards.
National Drug Code (NDC): A medical code set maintained by the Food and Drug Administration that
contains codes for drugs that are FDA-approved. The Secretary of HHS adopted this code set as the
standard for reporting drugs and biologics on standard transactions. The classification system for drug
identification is similar to UPC code.
Neonatal Intensive Care Unit (Neo ICU): A hospital unit with special equipment for the care of
premature and seriously ill newborn infants.
Non-Participating Physician (or Provider): A provider, doctor or hospital that does not sign a contract to
participate in a health plan, usually which requires reduced rates from the provider. In the Medicare
Program, this refers to providers who are therefore not obligated to accept assignment on all Medicare
claims. In commercial plans, non-participating providers are also called out of network providers or out
of plan providers. If a beneficiary receives service from an out of network provider, the health plan
(other than Medicare) will pay for the service at a reduced rate or will not pay at all.
Non-Plan Provider: A health care provider without a contract with an insurer. A non plan Provider is
also known as nonparticipating provider.
Nurse Practitioner (NP): A registered nurse qualified and specially trained to provide primary care,
including primary health care in homes and in ambulatory care facilities, long-term care facilities, and
other health care institutions. Normally, NPs are licensed and possess masters degrees. Nurse
practitioners generally function under the supervision of a physician but not necessarily in his/her or her
presence. In some states, NPs are able to provide basic medical services without requiring MD or DO
56
supervision. They are either salaried or reimbursed on a fee-for-service basis. Nurse Practitioners are
sometimes considered midlevel practitioners.
NPI (National Provider Identifier): Fairly new 8 digit alphanumeric identifier given to all medical
facilities. Most M.D.s and DOS do not have NPIs at this time (they still use UPIN numbers). However,
mid-level practitioners usually do. NSF (National Standard Format): Standard format for electronic filing.
[O]
Occupancy Rate: A measure of inpatient health facility use, determined by dividing available bed days
by patient days. It measures the average percentage of a hospitals beds occupied and may be
institution-wide or specific for one department or service.
Ombudsperson or Ombudsman: A person within a managed care organization or a person outside of
the health care system (such as an appointee of the state) who is designated to receive and investigate
complaints from beneficiaries about quality of care, inability to access care, discrimination, and other
problems that beneficiaries may experience with their managed care organization. This individual often
functions as the beneficiarys advocate in pursuing grievances or complaints about denials of care or
inappropriate care. Organizations are mostly able to designate a member of their own staff as
ombudsman.
Open Access: A term describing a members ability to self-refer for specialty care. Open access
arrangements allow a member to see a participating provider without a referral from another doctor.
Health plan members abilities, rights or invitation to self refer for specialty care. Also called Open Panel.
Open Panel: A term describing a members ability to self-refer for specialty care. Open access
arrangements allow a member to see a participating provider without a referral from another doctor.
Health plan members abilities, rights or invitation to self refer for specialty care. Also called Open
Access.
Outcome: A clinical outcome is the result of medical or surgical intervention or nonintervention, or the
results of a specific health care service or benefit package. The valued results of care as experienced
primarily by the patient but also by physicians and all other participants in the processes contributing to
the outcomes.
Outcomes Management: Providers and payers alike wish to find a method of managing care in a way
that would produce the best outcomes. Managed care organizations are increasingly interested in
learning to manage the outcome of care rather than just managing the cost of care. It is thought that
through a database of outcomes experience, caregivers will know better which treatment modalities
result in consistently better outcomes for patients. Outcomes management may lead to the
development of clinical protocols. A clinical outcome is the result of medical or surgical intervention or
nonintervention. Managed services organizations are now attempting to better manage clinical
outcomes for their enrollees to increase the satisfaction of patients and payers while holding down
costs.
Outcomes Measurement: System used to systematically track clinical treatment and responses to that
treatment. The methods for measuring outcomes are quite varied among providers. Much disagreement
exists regarding the best practice or tools to utilize to measure outcomes. In fact, much disagreement
57
exists in the medical field about the definition of outcome itself. A tool to assess the impact of health
services in terms of improved quality and/or longevity of life and functioning.
Outcomes Research: Research on measures of changes in patient outcomes, that is, patient health
status and satisfaction, resulting from specific medical and health interventions. Attributing changes in
outcomes to medical care requires distinguishing the effects of care from the effects of the many other
factors that influence patients health and satisfaction. With the elimination of the physicians fiduciary
responsibility to the patient, outcomes data is gaining increasing importance for patient advocacy and
consumer protection. Outcomes research will also be used in the future by payers to identify potential
partners on the basis of good outcomes.
Outpatient Care: Care given a person who is not bedridden. It is also called ambulatory care. Many
surgeries and treatments are now provided on an outpatient basis, while previously they had been
considered reason for inpatient hospitalization. Some say this is the fastest growing segment of
healthcare.
Office Visit Levels: Otherwise know as E&M codes, the code varies from Level I to V depending on
complexity with V being the most complex.
[P]
Past Medical History, Past Surgical History, Screening (PMSS): This is a list of all the past surgery and
medical issues that the patient has been treated for.
Patient Liability: The dollar amount that an insured is legally obligated to pay for services rendered by a
provider. These may include co-payments, deductibles and payments for uncovered services.
P.A. (Physician Assistant): A mid-level provider. They are required to have a Bachelors degree and then
attend a rigorous 3-year training program mainly instructed by physicians. They are not physicians, but
in most states have similar rights and privileges. However, they must be supervised by a physician.
Past Medical History: A list of a patients past health problems, surgeries and specialists.
Patient Demographics: All the patients pertinent information such as first and last name, SSN, DOB,
insurance, etc.
Patient Origin Study: A study, generally undertaken by an individual health program or health planning
agency, to determine the geographic distribution of the residences of the patients served by one or
more health programs. Such studies help define catchment and medical trade areas and are useful in
locating and planning the development of new services.
Patient Portal: A secure web-based system that allows a patient to register for an appointment,
schedule an appointment, request prescription refills, send and receive secure patient-physician
messages, view lab results, pay their bills electronically, access physician directories.
Participating Physician: A primary care physician in practice in the payers managed care service area
who has entered into a contract.
Part A Medicare: Refers to the inpatient portion of benefits under the Medicare Program, covering
beneficiaries for inpatient hospital, home health, hospice, and limited skilled nursing facility services.
58
Beneficiaries are responsible for deductibles and copayments. Part A services are financed by the
Medicare HI Trust Fund, which consists of Medicare tax payments. Part B, on the other hand, refers to
outpatient coverage.
Part B Medicare: Refers to the outpatient benefits of Medicare. Medicare Supplementary Medical
Insurance (SMI) under Part B of Title XVII of the Social Security Act covers Medicare beneficiaries for
physician services, medical supplies, and other outpatient treatment. Beneficiaries are responsible for
monthly premiums, copayments, deductibles, and balance billing. Part B services are financed by a
combination of enrollee premiums and general tax revenues.
Participating Provider: Any provider licensed in the state of provision and contracted with an insurer.
Usually this refers to providers who are a part of a network. That network would be a panel of
participating providers. Payers assemble their own provider panels.
Payer (usually Third Party Payer): The public or private organization that is responsible for payment for
health care expenses. Payers may be insurance companies or self-insured employers.
PC Based: A program designed to run on an individual PC. This typically means data is not shared in real
time among other PCs (users).
PCP: Primary care physician who often acts as the primary gatekeeper in health plans. That is, often the
PCP must approval referrals to specialists. Particularly in HMOs and some PPOs, all members must
choose or are assigned a PCP.
PHR: A personal health record or PHR is typically a health record that is initiated and maintained by an
individual. An ideal PHR would provide a complete and accurate summary of the health and medical
history of an individual by gathering data from many sources and making this information accessible
online.
Physician Attestation: The requirement that the attending physician certify, in writing, the accuracy and
completion of the clinical information used for DRG assignment.
Physician Current Procedural Terminology (CPT): List of services and procedures performed by
providers, with each service/procedure having a unique 5-digit identifying code. CPT is the health care
industrys standard for reporting of physician services and procedures. Used in billing and records.
Picture Archive Communication System (PACS): Used by radiology and diagnostic imaging organizations
to electronically manage information and images
Physician Practice Organization (PPO): An arrangement between insurers and healthcare providers
where providers agree to a discounted fee-for-service in exchange for more patients
Progress Note: The documentation of a patient visit or encounter including all or part of the SOAP
format.
Practical Nurses: Practical nurses, also known as vocational nurses, provide nursing care and treatment
of patients under the supervision of a licensed physician or registered nurse. Licensure as a licensed
practical nurse (L.P.N.) or in California and Texas as a licensed vocational nurse (L.V.N.) is required.
59
Practice Parameters, Practice Guidelines: Systematically developed statements to standardize care and
to assist in practitioner and patient decisions about the appropriate health care for specific
circumstances. Practice guidelines are usually developed through a process that combines scientific
evidence of effectiveness with expert opinion. Practice guidelines are also referred to as clinical criteria,
protocols, algorithms, review criteria, and guidelines. The American Medical Association defines practice
parameters as strategies for patient management, developed to assist physicians in clinical decisionmaking. Practice parameters may also be referred to as practice options, practice guidelines, practice
policies, or practice standards.
Pre-Authorization: A cost containment feature of many group medical policies whereby the insured
must contact the insurer prior to a hospitalization or surgery and receive authorization for
Primary Care: Basic or general health care usually rendered by general practitioners, family
practitioners, internists, obstetricians and pediatricians who are often referred to as primary care
practitioners or PCPs. Professional and related services administered by an internist, family practitioner,
obstetrician-gynecologist or pediatrician in an ambulatory setting, with referral to secondary care
specialists, as necessary.
Primary Care Network (PCN): A group of primary care physicians who share the risk of providing care to
members of a given health plan.
Primary Care Physician, (PCP): A generalist such as a family practitioner, pediatrician, internist, or
obstetrician. In a managed care organization, a primary care physician is accountable for the total health
services of enrollees including referrals, procedures and hospitalization. Also see Primary Care Provider.
Primary Care Provider (PCP): The provider that serves as the initial interface between the member and
the medical care system. The PCP is usually a physician, selected by the member upon enrollment, who
is trained in one of the primary care specialties who treats and is responsible for coordinating the
treatment of members assigned to his/her plan. See also Gatekeeper.
Principal Diagnosis: The medical condition that is ultimately determined to have caused a patients
admission to the hospital. The principal diagnosis is used to assign every patient to a diagnosis related
group. This diagnosis may differ from the admitting and major diagnoses.
Prior Authorization: A formal process requiring a provider obtain approval to provide particular services
or procedures before they are done. This is usually required for nonemergency services that are
expensive or likely to be abused or overused. A managed care organization will identify those services
and procedures that require prior authorization, without which the provider may not be compensated.
Privacy: For purposes of the HIPAA Privacy Rule, privacy means an individuals interest in limiting who
has access to personal health care information. See also HIPAA Privacy Rule. Psychotherapy Notes:
These include notes recorded by the health care provider who is a mental health professional during a
counseling session, either in a private session or in a group. These notes are separate from
documentation placed in the medical chart and do not include prescriptions. Specific patient
authorization is required for use and disclosure of psychotherapy notes.
[R]
60
RAID (Redundant Array of Independent Disks): A way of storing the same data in different places on
multiple hard disks. Often used on servers to provide redundancy in the event of a hard drive failure.
Real Time: The instantaneous sharing of data among a user group. It is common to a client/server
database configuration.
Referral: Some insurance companies require that on specific plans a referral must be obtained for
certain procedures or visits to specialists. The referral is acquired by the primary care physician (PCP) by
contacting the insurance company by phone or mail. This is a request for the service. The referral
consists of an authorization code, a number of visits allowed (if applicable) and an expiration date.
Referring Provider: is the provider that referred the patient to a specialist or for a specific procedure.
Relational Database: A database program that stores data in a manner similar to Excel, with the
difference being the data elements are related (linked) to each other.
Remote Access: Data travels through a private, protected passage via the Internet, allowing healthcare
providers to access from home or another practice location and allows EMR vendor to perform system
maintenance off-site
Rendering/Performing Provider: The provider actually treating the patient.
Registered Nurses (R.N.s): Registered nurses are responsible for carrying out the physicians
instructions. They supervise practical nurses and other auxiliary personnel who perform routine care
and treatment of patients. Registered nurses provide nursing care to patients or perform specialized
duties in a variety of settings from hospital and clinics to schools and public health departments. A
license to practice nursing is required in all states. For licensure as a registered nurse (R.N.), an applicant
must have graduated from a school of nursing approved by the state board for nursing and have passed
a state board examination.
ROS (Review of Systems): A series of questions related to the system(s) that the patient is having
complaints about (i.e. respiratory for cold symptoms).
[S]
Secondary Care: Services provided by medical specialists who generally do not have first contact with
patients (e.g., cardiologist, urologists, dermatologists). In the U.S., however, there has been a trend
toward self-referral by patients for these services, rather than referral by primary care providers. This is
quite different from the practice in England, for example, where all patients must first seek care from
primary care providers and are then referred to secondary and/or tertiary providers, as needed.
SNOMED: (SNOMED CT) Systemized Nomenclature of Medicine Clinical Terms
SNOMED CT is the universal health care terminology. It is comprehensive and covers procedures,
diseases, and clinical data. SNOMED CT helps to structure and computerize the medical record. It allows
for a consistent way of indexing, storing, retrieving and aggregating clinical data across sites of care (i.e.
hospitals, doctors offices) and specialties. By standardizing the terminology, the variability in the way
data is captured, encoded and used for clinical care of patients and research is reduced. Allows for more
accurate reporting of data. It is currently available in English, Spanish and German.
61
SureScripts: Electronic exchange that links pharmacies and healthcare providers. Founded in 2001 by
NACDS to make the prescribing process safer and more efficient
SOAP Note: Progress note format utilized by Medinformatix that consists of Subjective, Objective,
Assessment and Plan sections.
Social History: A description of a patients social habits and history including marital status, alcohol and
drug use and exercise habits.
Subjective: Section in a progress note where a patients account of their current problem is
documented. Consists of chief complaint, HPI and ROS.
Superbill: Also known as an encounter form, route slip or fee slip. This is a paper charge capture tool
used to document coding for a specific patient visit. It is a printed form with patient information at the
top, and a subset of the providers/practices most commonly used ICD and/or CPT codes. The form
travels with the patient through the clinic. Providers check off items when they see the patient, and the
form then travels to the checkout desk or billing office where the codes are entered into the billing
system.
Supervising Provider: The physician that is supervising patient care for a mid-level. In some practices,
the supervising provider signs off on every chart after a mid-level sees a patient, while in others he is
simply available to assist if necessary. Physicians in some rural areas do not have to be on-site and can
supervise remotely.
SQL: Structured Query Language is a computer language aimed to store, manipulate and retrieve data
stored in relational databases.
Sx: Abbreviation for symptoms
Skilled Nursing Facility (SNF): A licensed institution, as defined by Medicare, which is primarily engaged
in the provision of skilled nursing care. SNFs are usually DRG or PPS exempt and are located within
hospitals, but sometimes are located in rehab facilities or nursing homes.
Solo Practice, Solo Practitioner: A physician who practices alone or with others but does not pool
income or expenses. This form of practice is becoming increasingly less common as physicians band
together for contracting, overhead costs and risk sharing.
Subscriber:- Person responsible for payment of premiums, or person whose employment is the basis for
membership in a health plan.
[T]
T1, T3 line: A high-speed internet connection provided via telephone lines often used by businesses
needing internet connection speeds greater than DSL/Cable.
Terminal Services: Microsoft's method for remote administration tasks that delivers the Windows
desktop and Windows-based applications to nearly any personal computing device, even devices that
can't run Windows.
Therapeutic Alternatives: Strong Drug products that provide the same pharmacological or chemical
effect in equivalent doses. Also see Drug Formulary.
62
Thin Client: Also know as a Dummy Terminal is a network computer without a hard-drive which
requires the constant connection to a server to operate.
Trial Balance: A detailed report of invoices for a patient.
Treatment: The provision of health care by one or more health care providers. Treatment includes any
consultation, referral or other exchanges of information to manage a patients care. The HIPAA Privacy
Notice explains that the HIPAA Privacy Rule allows Partners and its affiliates to use and disclose
protected health information for treatment purposes without specific authorization.
Treatment Episode: The period of treatment between admission and discharge from a modality, e.g.,
inpatient, residential, partial hospitalization, and outpatient, or the period of time between the first
procedure and last procedure on an outpatient basis for a given diagnosis. Many healthcare statistics
and profiles use this unit as a base for comparisons.
[U]
UB-92 - Uniform Billing Code of 1992: Bill form used to submit hospital insurance claims for payment by
third parties. Similar to HCFA 1500, but reserved for the inpatient component of health services. An
electronic format of the CMS-1450 paper claim form that has been in general use since 1993.
UNIX: A network capable, multi-user operating system used for workstations and servers. Many old
practice management, medical billing and EMR software were originally designed under the UNIX
operating system.
UB-92 Form: Form designed for hospitals to file a medical claim with the patient's insurance carrier.
UPIN (Unique Physician Identification Number): Unique Identification number given to each healthcare
provider. Frequently used in insurance billing and is currently being replaced by the NPI number.
UPIN: A standard 6 digit alphanumeric identifier assigned to providers. Can be used for single provider
or a group/facility.
URI: Abbreviation for Upper Respiratory Infection (Cold)
UTI: Abbreviation for Urinary Tract Infection (Bladder infection)
[V]
VPN: Virtual Private Network A VPN tunnel is a secure connection, typically firewall to firewall that
provides for remote access to your data server.
Variable Contribution Health Plan: In contrast to a fixed contribution plan, a variable contribution
involves employers committing to a specified level of benefits funding for its employees, regardless of
the actual benefit price. Employers are thus locked into variable contribution arrangements because
they are committed to funding a certain benefit structure without knowing what the future costs may
be if premiums are raised. See also Fixed Contribution Health Plan.
Vital Statistics: Statistics relating to births (natality), deaths (mortality), marriages, health, and disease
(morbidity). Vital statistics for the United States are published by the National Center for Health
Statistics. Vital statistics can be obtained from CDC, state health departments, county health
departments and other agencies. An individual patients vital statistics in a health care setting may also
refer simply to blood pressure, temperature, height and weight, etc.
[W]
Wave Scheduling: Scheduling patients in waves, i.e. scheduling several patients at the top of the hour
(in the same time slot), and several at the bottom of the hour. Patients rarely arrive on time, and offices
often run behind. Having blocks of busy and catch-up time can even this out. Modified wave scheduling
63
is a more recent trend where the schedule is based around the actual time spent with patients. Most
patient visits do not require the provider to be in the room with the patient for 100% of the time. Wave
scheduling allows more efficient scheduling by allowing for this. For example, a patient visiting an
ophthalmologist may spend 15 minutes of a half hour visit waiting for their eyes to dilate. The doctor is
only present for the last 15 minutes. Thus, another patient could be scheduled for the first 15 minutes.
Thus, modified wave scheduling refers to creating a schedule that accounts only for the providers time
spent with patients. This is only efficient if there is enough nursing staff to prepare several patients
simultaneously.
Waiting Periods: The length of time an individual must wait to become eligible for benefits for a specific
condition after overall coverage has begun.
Waiver : Approval that the Centers for Medicare and Medicaid Services (CMS, formerly called HCFA), the
federal agency that administers the Medicaid program, may grant to state Medicaid programs to
exempt them from specific aspects of Title XIX, the federal Medicaid law. Most federal waivers involve
loss of freedom of choice regarding which providers beneficiaries may use, exemption from
requirements that all Medicaid programs be operated throughout an entire state, or exemption from
requirements that any benefit must be available to all classes of beneficiaries (which enables states to
experiment with programs only available to special populations).
Waiver of Authorization: Under HIPAA, under limited circumstances, a waiver of the requirement for
authorization for use or disclosure of private health information may be obtained from the IRB by the
researcher. A waiver of authorization can be approved only if specific criteria have been met. See
Authorization also.
Workers Compensation: A state-mandated program providing insurance coverage for work-related
injuries and disabilities. Several states have either enacted or are considering changes to the Workers
Compensation Laws to allow employers to cover occupational injuries and illnesses within their own
existing group medical plans. Some employers pay premiums to the state or to insurance companies for
this coverage. Others are self-funded and use third party case management or administrative services to
manage the processes. See also Occupational Health.
[X]
XML (Extensible Markup Language): Used for defining data elements on a Web page and
communication between two business systems. Example: Standard messaging system for and EMR to
integrate with another software such as a practice management or drug formulary database.
64
ANNEXURE V
1. Aadhar (UID) Number is to be used as the Universal Patient Identifier; Since it is expected
that it would take time for this to be implemented across the country. Until that time, we
will need to accommodate other ID proof like PAN card/ License/ Voter I card etc.
2. Age is to be automatically calculated if date of birth is entered/available; once the patient's
age is available, all client systems must automatically "age" the patient. For this, unless the
patient's date of birth is available, the age will be approximated with the assumption that
the patient was born on the 1st day of January of the year that the entered age appears to
point to. The record display will need to clearly show that this age is an approximated one
and that the patient may actually be older by 1 additional year maximally
3. More than one reason for visit may be entered
4. Menstrual history is available only if the chosen gender is female
5. Both structured and unstructured data can be used wherever the data type is alphanumeric
and data length is 255+
6. If necessary, data type can be made longer wherever they are stated to be 255+
7. UOM3 of BP4 is mmHg
8. UOM of pulse rate is per minute
9. UOM of temperature is degrees Celsius
10. UOM of respiration rate is per minute
11. UOM of weight is kilograms
12. UOM of height is centimetres
13. More than one diagnoses may be entered
14. Wherever list of values have been mentioned, the first is the default
15. It must be ensured that the no encounter number is arbitrarily assigned. The networking
system will need to take care of this. Episode and Encounter Reconciliation through
appropriate merging and demerging will need to take place. However, this is a design and
development issue, and out of scope for the work of MDS5 proposal
16. It must be ensured that the no encounter number is arbitrarily assigned. The networking
system will need to take care of this. Episode and Encounter Reconciliation through
appropriate merging and demerging will need to take place. However, this is a design and
development issue, and out of scope for the work of MDS proposal
17. In Family History, the fields should be (i) relative, (ii) disease; This is actually implicit since
the user can enter any of the three types and there is no bar in entering all types. This can
appropriately be taken care of by system designers
18. Immunisation History should be a child table with multiple entries allowed, with a list of
values for each vaccine type and dates administered with current status (administered/notadministered)
19. Allergies will be a list of values (drug generics, etc.) that would, in future, allow allergy alerts
to be activated
65
20. Clinical Exam Height Data storage should always be in centimeters in the database.
However, the user module should allow entry in feet and inches, if desired, and should
convert and store it in cm
21. Diagnosis Code should allow multiple entries per encounter record
22. Sufficient redundancies must be built in to the system to ensure no complete downtime in
case of system failure due to any reason including hardware, networking and power
outages. Local records must be available 100% of time
23. Display from first record till date all encounters displaying the following
24. Reason for visit/Diagnosis
25. Encounter Date, Time & Location
26. Ability to view the encounter record details
27. Use SNOMED-CT for all clinical terms/observations
28. Use ICD-10 for all diagnoses for statistical and epidemiological studies
29. Use LOINC for all investigation observations
30. Use secured XML as file format for information exchange
31. Will contain a header section that contains patient and observer ID/details and encounter
date, time and location (ID/details)
32. Will contain a body section that contains all other encounter-specific details
33. Use the HCIT Standards as relevant to India (please refer to the table below)
34. Conform to the Minimum Data Sets
35. Must capture and display the following items:
a. Patient Name, Gender, Age/DOB
b. Observer Name
c. Date & Time of Visit
d. Problems/Diagnosis List
e. Current medications
f. Active allergies
66
Annexure VI
Proposed Portable Health Record
As patients move around the healthcare system there is a need to carry essential information to
ensure quality healthcare which will give their treating clinician basic information viz., medical
condition, drug/allergy information etc. CCR standard XML file format (as used in Google
Health), with demographics, insurance info, problem list/diagnoses, medications, allergy and
alerts, vital signs, and lab results, consultation reports, hospital discharge and operative reports
and test results (i.e. stress test, cardiac catheterization, relevant biochemistry and
histopathology) kept current and accurate by a persons healthcare team (nurses, doctors and
pharmacists) which includes the patient.
67
Annexure VII
Privacy and Security in Meaningful Use Rule
(as retrieved from http://www.hitechanswers.net/security-meaningful-use/)
Role of Security & Privacy in Meaningful Use
In general, HHS has specifically included encryption as a requirement for a Certified EHR
system (). The inclusion of encryption in meaningful use is indicative of the Federal
governments recognition that encryption is a critical technology in securing protected health
information (PHI).
Certified EHRs must be able to provide the patient an electronic copy of their health information
upon their request. This information must be provided within 96 hours from the time the provider
obtains the information, such as lab results, for example. This patient information must be
secured with at least a symmetric 128 bit fixed-block cipher algorithm capable of using 128, 192,
or 256 bit encryption key.
Certified EHRs must protect electronic health information by implementing controls and
encryption, such as:
Assigning a unique user name for each user
Encrypt and decrypt health information for backups, removable media, etc.
Event recording such as deletion of records
Audit review log
Systems to ensure health information has not been altered using a hash algorithm
Record disclosures made for treatment
Ensure identity management is in place
68
Annexure VIII
HIPAA 45 CFR Part 142 Subpart C, Security and Electronic Signature Standards.
See http://aspe.hhs.gov/admnsimp/nprm/sec13.htm
Technical Security Services and Mechanisms, and Electronic Signature Requirements and Implementation Features
Category Section
Req/Opt Item
Definition
Rule Reference
Procedure for
(documented instructions for obtaining
(A)
(B) (1)
(B) (2)
(B) (3)
69
Encryption
and
optionall
y
Audit
Controls
Authori
zation
Control
Data
Authenti
cation
which are
requires
one of
Role-based
access
User-based
access
which is
Automatic
logoff
Entity
requires
Authenti
(both)
cation
Unique user
identifier
142.308
(C)
142.308
142.308
142.308
142.308
(C)
142.308
(A)
142.308
(B)
70
Biometric
identifier
Password
PIN
and
one of
Telephone
Callback
Token
142.308
(C) (1)
142.308
142.308
(C) (2)
(C) (3)
142.308
(C) (4)
142.308
(C) (5)
71
access)
Integrity
Controls
requires
(both)
Commu
nication
s/
Network
Controls
Message
Authentication
Access Controls
and
one of
Technical
Security
Mechanis
ms (for
informati
on
in transit)
Encryption
Alarm
PLUS
if over
an open
network
requires
(all of)
Audit Trail
Entity
Authentication
142.308
(A)
142.308
(B)
142.308
(A)
142.308
142.308
(B)
142.308
142.308
72
processes)
Event Reporting
Message
Integrity
Nonrepudiation
requires
(all of)
User
Authentication
Ability to Add
Attributes
Electonic
Signature
Standard
and optionally
includes
(all, some, or none
of)
Continuity of
Signature
Capability
Countersignatur
es
142.308
142.310
(c) (1)
142.310
(c) (2)
142.310
142.310
(c) (3)
142.310
(d) (2)
142.310
(d) (3)
(d) (1)
73
Multiple
Signatures
Transportability
142.310
142.310
(d) (4)
142.310
(d) (6)
142.310
(d) (7)
(d) (5)
74
Sections
Administrative Safeguards
Security Management Process
75
164.308(a)(2) (R)
Workforce Security
76
Contingency Plan
Evaluation
164.308(a)(8) (R)
Physical Safeguards
Facility Access Controls
Workstation Use
164.310(b)
(R)
77
Workstation Security
164.310(c)
(R)
Audit Controls
164.312(b)
(R)
Integrity
164.312(c)(1)
164.312(d)
(R)
78
Transmission Security
[http://www.gpo.gov/fdsys/pkg/CFR-2010-title45-vol1/xml/CFR-2010-title45-vol1-part164-subpartC-appA.xml]
79