A process or set of rules to follow in calculations or other problem solving, typically in computing.
All Payer Claims Database (APCD)
Large-scale databases that collect health care claims data from multiple payers/insurers. Some states have mandated statewide APCDs to better understand cost drivers to the health system.
American Recovery and Reinvestment Act (ARRA)
Signed by President Barack Obama in 2009, the ARRA is also known as the federal stimulus package. The law was enacted in response to the Financial Crisis and contained billions of dollars in funding for science, research, education, infrastructure, social sciences and arts. The ARRA is most important to the health IT field because it was the vehicle for major investment and incentives for adoption of electronic health records by hospitals and medical groups.
Application Programming Interfaces (APIs)
Application Programming Interfaces are system of tools and resources in an operating system that enable developers to create software applications. So-called “open APIs“ – where specifications are available for outside programmers to build upon – are considered important for the growth of interoperable health information technology and new innovations.
Artificial Intelligence (AI)
When computer systems are able to perform tasks that we associate with human intelligence including visual perception, speech recognition, decision-making, problem-solving and language interpretation. Sophisticated machine learning is already being applied to health care and this trend is expected to accelerate in the coming years.
Also known as “store and forward" telehealth, where a patient or provider deliver relevant data to specialists or other consulting experts to determine a diagnosis or course of treatment.
Automatic speech recognition (ASR)
Also known as voice recognition technology, ASR allows a person to converse with computers using normal speech and be reasonably understood and illicit a response. That response might be an answer to a question, a correct prompt or by transcribing the user's speech into readable text in real-time. ASR is made possible through natural language processing (NLP).
Intentionally lowering the speed at which data is transmitted over the Internet. Bandwidth throttling can create an unequal playing field among content creators, services and other organizations on the Internet.
Best practice alert (BPA)
A programmed notification in the electronic health record (EHR) that occurs at a specific point in patient charting or documentation. BPAs remind clinicians of best practices they should follow in clinical decision-making. Some BPAs have a “hard stop,“ meaning that the clinician must adhere to the alert before closing the patient's EHR or moving onto the next task. An example of a BPA is reminding the clinician to order a blood glucose test for a pre-diabetic patient who is overdue for screening.
Big data is a massive volume of data – both structured and unstructured – that is too large to be processed using traditional software and database techniques. Big data is important to healthcare because huge amounts of data are being generated through EHRs, wearables, public health departments, clinical studies and other sources. Collectively, this big data could be used to improve disease prevention and treatment. Tech companies are developing healthcare big data platforms to harness this data and make it actionable to providers and health officials.
A blockchain is most commonly associated with digital currency such as Bitcoin. Blockchain is a data structure that can be timed-stamped and signed using a private key to prevent tampering. Some view blockchain as an important development in health IT to combat cybersecurity threats and advance the free and secure exchange of health information.
An online application available to U.S. veterans to securely download their personal health information, medical records and claims data. Blue Button is an icon that appears in the patient portal of the Department of Veterans Affairs. Veterans can press the icon to access and download their data, make any corrections and share it with family members.
A wide bandwidth data transmission that transports multiple data at once. Broadband is any high-speed Internet access that is always on and faster than legacy dial-up access. Broadband providers include telecom giants such as Comcast, Verizon and AT&T.
BYOD (Bring Your Own Device)
Hospitals and other health providers are crafting policies on how staff and physicans can use their personal smartphone, iPads and other connected devices at work. Some allow providers to BYOD to facilitiate communications, but require installation of secure messaging platforms.
Certification Commission for Health Information Technology (CCHIT)
One of several organizations the federal government has authorized to certify electronic health record technology as meeting agreed upon standards for meaningful use. CCHIT was founded in 2004.
Certified Health IT
Certified health IT included any products, programs or systems that meet standards set by the federal government on their security, privacy, usability and interoperability. The Office of the National Coordinator for Health Information Technology (ONC), a division of the U.S. Health and Human Services Department (HHS) oversees health IT certification. Certified health IT participation is voluntary but providers are required to use certified health IT products and systems to participate in Meaningful Use and other federal electronic health record adoption programs.
Clinical decision support (CDS)
Computer programs and tools to assist physicians and other health professionals with care decisions. CDS uses databases of signs and symptoms as well as best practices and current research findings to advise clinicians in care choices. Some aspects of CDS have gotten a bad rap, most notably alerts and notifications that are too frequent and create clinician “alert fatigue." CDS is fast evolving and incorporating aspects of machine learning and artificial intelligence.
Cloud computing is the advanced use of information and communications technology to remotely deliver a range of services including programs, storage, processing and tools. Commonly referred to as simply “the cloud."
A computer program that conducts a conversation via text or auditory programs. They are often used in customer service, and increasingly in health care. Chatbots are also known as virtual assistants or virtual agents.
Computerized physician order entry (CPOE)
Computerized physician order entry is the process of a medical professional entering medication orders or other instructions electronically rather than on paper. Quality improvement groups have championed CPOE because it ensures legibility of the order, and also CPOE systems can be combined with clinical decision support (CDS) programs that give real-time feedback and guidance on medication contradictions and errors. An estimated 90 percent of medication errors occur during manual ordering and transcribing. Recent reports suggest, however, that CPOE is not a panacea and can fail to catch medication errors.
Connected devices/smart devices
Any physical device that is embedded with sensors or network connectivity, enabling that device to “talk“ to other devices.
Defined in HIPAA rules as a health plan, health care clearinghouse or health care provider who is authorized to transmit personal health information in electronic form. These approved covered entities were created under HIPAA standards to protect the privacy of personal medical information while ensuring the secure exchange of data among providers and health insurers. Covered providers are physicians, clinics, nursing homes, pharmacies, dentists, psychologists and chiropractors.
Customer Relationship Management (CRM) system
Technologies and strategies that are used to manage and analyze customer relationships, including purchase history, buying preferences and touchpoints with a company. CRM can also include customer communications such as phone calls, emails and social media interactions. Healthcare companies use CRM systems to manage patient use and interactions. For instance, Veeva provides cloud-based CRM systems to life science companies.
Data center/data warehouse
A physical location where a company or institution's data is stored. A data center is often offsite in a secure location.
Some hospitals, health systems or other health organizations use data warehouses for their information analysis and aggregation needs while others use data lakes. Some use both. Data lakes are distributed storage and processing in mostly cloud-based systems. Data lakes use flat architecture to store data while data warehouses use hierarchical files and folders. Think of data pouring into a lake in unstructured format, stored there, and then only structured or sorted when the information is retrieved.
The responsibilities of collecting, managing, viewing, storing, sharing and otherwise using patient health information. Hospitals, health systems, payers, government entities and others are trusted with data stewardship of patient information.
A relatively new term that captures the increased reliance on computers in medicine for diagnostic support, data entry of patient symptoms into EHRs, retrieval of test results and other so-called “click-based“ tasks that physicians perform daily. Desktop medicine is often compared to bedside medicine, where the provider's full attention is on the patient and human-to-human interactions.
An emerging sector of the digital health market that uses data analytics, machine learning and artificial intelligence to help patients with behavior changes that can potentially improve health.
Taking information that is on paper or in another analog form and making it available in a digital (computer-readable) format.
Direct to Consumer (DTC) telehealth
A subset of the telehealth sector where patients can access telehealth platforms directly and connect with a physician, usually for an out-of-pocket fee, and get medical care. DTC telehealth systems are typical private, for-profit companies and occur outside the patient’s medical “home,” or where that patient usually receives in-person primary and specialty care.
Electronic health information (EHI)
Any health information about a patient that is stored, secured or sent electronically.
Electronic health record (EHR)
An electronic health record (EHR) is a digital record of a patient's medical information and health history. EHRs aim to be real-time records that reflect the most up-to-date information about each patient, as well as providing a comprehensive health history. An EHR is supposed to be instantly available in a secure format to all providers authorized to access it. An EHR can include: inpatient stays, outpatient visits, operations, diagnoses, allergies, lab test results, radiology images, prescribed medications and immunizations. EHRs also allow access to evidence-based databases and other tools to help providers make care decisions. EHRs automate and streamline workflow and populate online databases about a community's health, including disease registries and immunization rates. EHRs should be portable across facilities, providers and state lines, and they should be shared to help physicians and public health officials better care for individual patients and for whole populations. Ideally, patients should be able to access their EHRs. EHRs at this stage are fulfilling some of their initial promises, but many providers complain of having to spend too much time imputing information into EHRs. And patient groups have said that patients' access to their own records is lacking. Privacy breeches of celebrity EHRs have resulted in fines, penalties and new laws in recent years. And the sharing of EHRs across health systems and even between departments within systems has been hampered by lack of interoperability of various EHR platforms.
Electronic medical record (EMR)
An electronic medical record (EMR) contains standard medical and clinical information at one provider's office, basically an electronic medical chart. By contrast, an electronic health record (EHR) contains a more complete patient history and is considered more flexible, portable and with a richer data source for use in population health management. Most providers prefer to refer to their electronic patient record systems these days as EHRs, not EMRs.
Important for the secure transmission of information over online networks. Encryption makes data unreadable using algorithms and ciphers. Permitted users need an encryption “key“ to unlock the information.
Computer software that's purpose is to fulfill the needs of an organization or company rather than an individual user or consumer. It is business-oriented computer technology that encompasses database management and other business objectives and pursuits. Some, including National Coordinator for Health Information Technology Don Rucker have called enterprise computing one of the great opportunities in healthcare to reduce burdens on clinicians and other staff.
Graphical user interface (GUI)
A picture-oriented way for a person to interact with a computer. These can include windows, icons and menus used by today's operating systems.
Using a computer to gain unauthorized access to data in a closed system. Hackers are the people doing the hacking.
Health informatics is the interdisciplinary study of the design, development, adoption and application of IT-based innovations in health care services delivery, management and planning. Informatics can include human interface design, data mining, cognitive sciences, decision support, databases and algorithms. Health informatics professionals typically have backgrounds in both computer and biomedical sciences.
Health information exchange (HIE)
Health information exchange is the action of sharing relevant health information electronically among trusted clinical partners regardless of physical location. The information sharing can be about a single patient to enhance the care of that patient. Or, the information can be about a group of patients for the purposes of public health tracking and improvement. For providers who have already adopted electronic health records (EHRs), HIE enables them to share EHRs and “talk“ to one another over a secure network that protects patient privacy and data integrity. However, HIE can happen with paper records as well. HIE can help with a broad array of care quality and provider workflow concerns, including referrals and discharges; lab and radiology orders and results; redundant testing; medication management; analytics and reporting to health agencies; chronic disease management; and paperwork. HIE can also help patient engagement and patient satisfaction. The federal meaningful use program incorporates HIE, requiring providers to engage in some HIE as part of Stage 2 certification. Stage 3 of meaningful use requires even more robust HIE capabilities.
Achieving massive scale in computing, especially in cloud computing and data storage. Today, Amazon, Microsoft, Google and Oracle are competing to deliver hyperscale cloud platforms to gain market share as more organizations, including hospitals and insurers, move their data to cloud-based storage.
On Oct. 1, 2015, the federal government required providers in clinical settings to transition from ICD-9 to ICD-10 codes. ICD is short for International Classification of Diseases and the '10' means it's the tenth revision of those classifications. This is important because these codes classify procedures, diseases, injuries and encounters in health care settings. They determine how much providers get paid for each patient encounter, and they also help track incidence of conditions (such as cancer and sepsis) at health facilities. The ICD-9 codes were more than 30 years old. Considering all the advances in medicine in the past three decades, the ICD-9 codes had become outdated. There are 68,000 ICD-10 codes (vs. 14,000 ICD-9 codes), and the code format has been extended, providing more specific information on the patient’s diagnosis. The switch to ICD-10 aims to provide better data on health care utilization and patient care quality. Beginning Oct. 1, 2016, the Centers for Medicare and Medicaid Services will require provider claims to be more specific in terms of ICD-10 codes in order for providers to get paid.
Information blocking happens when someone willingly or knowingly interferes or “blocks“ the exchange and use of electronic health information. The federal government and Congress believe information blocking exists and is taking steps to penalize offenders. Some in the private sector have disputed that this is a widespread or even marginal problem.
Internet of Things (IoT)
The internetworking of physical devices, including household appliances, cars and buildings that are embedded with sensors and network connectivity. These devices are also known as “connected devices“ and “smart devices." In health care, the Internet of Things can include implanted medical devices and home monitoring systems, for instance. The expansion of networked devices is expected to generate data collection from previously unavailable sources on people's health and habits.
In computing, an interface is a device or program that allows a person to communicate with a computer.
Interoperability describes the extent to which systems and devices can exchange data, and interpret that shared data. For systems to be interoperable, they must be able to exchange data and subsequently present that data so it is understood by users. Interoperability is a word thrown around a lot these days and it's super important because without it, health information will be “siloed“ or potentially walled off from being usable and meaningful to providers and patients. In an era where improved coordinated care is becoming more important, interoperability will play a leading role. In October 2015, the U.S. Office of the Coordinator for Health IT (ONC), released its first roadmap on interoperability. The roadmap sets out timeframes to achieve interoperability, which can be extremely helpful to understand where local health providers fall in terms of interoperability. HIMSS wrote up a nice synopsis of the roadmap.
The science of teaching computers to learn on their own without being programmed to perform specific tasks. Machine learning incorporates artificial intelligence and big data so computers can synthesize information and draw informed conclusions.
Medicare Access and CHIP Reauthorization Act (MACRA)
The Medicare Access and CHIP Reauthorization Act was signed the law on April 16, 2015. MACRA does four important things: Repeals the flawed sustainable growth rate (SGR) methodology for determining updates to the Medicare physician fee schedule (known as the 'doc fix'); creates a framework that ties physician payments to quality achievements; consolidates existing Medicare physician quality programs, including Meaningful Use (MU) of electronic health records; and establishes a pathway for physicians to participate in Alternative Payment Models (APMs). MACRA provisions are scheduled to go into effect on January 1, 2019. Read more about MACRA on this tip sheet.
Meaningful use (MU)
This is a term the federal Centers for Medicare & Medicaid Services (CMS) uses to describe the optimal use of electronic health record (EHR) systems. The CMS says that certified EHRs should be used to reduce health disparities and improve quality, safety, and efficiency; to engage patients and family; to improve population health, public health, and care coordination; and to maintain privacy and security of patient health information. Under meaningful use, the CMS has been paying physicians and hospitals to adopt, implement, upgrade, or demonstrate meaningful use of certified EHRs. Physicians and hospitals receive incentive payments to move from paper records to secure EHRs. The meaningful use program is designed to support physicians and hospitals in installing certified EHR systems in three stages. Stage 1 was in 2011-12 and involved data capture and sharing; stage 2 was in 2014 and was designed to improve clinical processes; and stage 3 is in 2016, when meaningful use aims to help providers improve patient and population health outcomes.
Meaningful use has come under fire from various interest groups, including physicians and hospitals, for being too rigid and requiring too much too quickly. For instance, the American Hospital Association in March 2016 asked the CMS to certify hospitals that have achieved 70 percent of meaningful use requirements as having completed the program. In January 2016, CMS Acting Administrator Andy Slavitt said 2016 would likely mark the end of the meaningful use program.
Mobile health (mhealth)
Mobile health, or mhealth, is health services supported by mobile devices. The emergence of low-cost smartphones and tablets and the proliferation of health-related apps (over 165,000 to date) caused in the explosion of the mhealth sector in just the past few years. Some projections have the sector reaching $50 billion or more by 2020. Mhealth is based on the premise of 'care anywhere' and can include consumer health information, diagnostics, fitness support, remote patient monitoring, video services and text messaging. In February 2015, the Food and Drug Administration (FDA) issued final guidance on mobile health apps. The upshot was that the FDA said most mobile health apps will not be subject to FDA regulations. In April 2016, the Federal Trade Commission (FTC) released a handy interactive tool to guide health app developers on regulations that might apply to their products. These include federal consumer and patient privacy laws.
Natural language processing (NLP)
Natural language processing is the capability of computers to understand human language. If you've ever gotten into an automated phone tree and heard, “I'm sorry, I didn't get that“ in response to something you said into the phone, then you've come up against the limits of natural language processing. Alexa and Siri are popular consumer voice-activated NLPs on the market today. NLP is being applied to healthcare with limited success so far but this sector is expected to grow. It could, for instance, reduce clerical duties associated with inputing information into electronic health records.
Open source software (OSS)
Software in which the original coding is free and can be passed on and changed. The operating system Linux is probably the best-known example of open source software.
Operating system (OS)
Software that supports a computer's basic functions and manages computer hardware and software. It's the most important program that runs on a computer.
A computer database of confidential patient information, usually on a specific disease or condition, used to conduct population health management. Many hospitals have patient registries (a.k.a. disease registries) for depression, hypertension and diabetes, for instance.
An access point to an online system. The word “portal“ is frequently used by hospitals and insurers as shorthand for their “patient portal“ – a website where patients can access their information, email their physician, check lab results, manage prescriptions and make appointments securely.
A “lure” that entices an unwitting user to grant a thief remote access to proprietary data. For instance, a victim will click on a link in an email from someone they think is a trusted source, opening an access door to their computer. Phishing is a way for criminals to infect a computer with ransomware.
Predictive analytics is the branch of advanced analytics, and is used to make predictions about future events. Predictive analytics applies data mining, statistics, modeling, machine learning and artificial intelligence to analyze available data to make predictions about future. Predictive analytics can be a tool in population health management to intervene in patient health to improve outcomes.
Prescription drug monitoring program (PDMP)
A state-run electronic database used to track patient prescriptions of controlled substances, especially opioids. Physicians and pharmacists (and sometimes law enforcement) can access information provided in these databases to view patient past history of prescriptions. PDMPs are a promising tool in fighting opioid abuse.
Any unauthorized break-in of a computer system from a remote source.
A type of malware (malicious software) that attempts to deny access to the user’s own data, by encrypting the data with a key that won't unlock until a ransom is paid. Ransoms are usually paid in an untraceable cryptocurrency such as Bitcoin.
Certifying for yourself that your product or service meets previously agreed-upon rules or guidelines without third-party verification that standards have been met. Self-attestation has become a buzzword in electronic health record circles as the Trump Administration relaxes some regulations around EHR certification.
Smart devices/connected devices
Any physical device that is embedded with sensors or network connectivity, enabling that device to “talk“ to other devices.
Incidents where staff at hospitals access someone’s medical records without authorization or being directly involved in the patient’s care. High-profile incidents involving celebrities have led to hospital fines.
Store and forward
A category of telehealth in which relevant patient information is securely captured, stored and forwarded to relevant clinicians for analysis at a later time. Types of data included in store and forward telehealth are patient records, lab results, pathology reports, radiological images and photos. Dermatology is an example of a specialty in which store and forward telehealth is frequently used for consultation and diagnosis. Store and forward is also known as “asynchronous“ telehealth.
The delivery of health information in real-time via telehealth, typically through live discussion over video systems.
Telehealth is the delivery of health services and information remotely, using telecommunications technologies. Telehealth is a broad and expanding field, and the term 'telehealth' seems to be usurping 'telemedicine' to describe it. Generally, telehealth facilitates the diagnosis, treatment, education, monitoring and management of a patient's care while the patient is in one location and the provider is at another site. Telehealth can also mean collaboration between providers in different physical locations to diagnose and treat a patient. Today, there are four common modes of telehealth: 1) Live video interaction; 2) Store-and-forward, where information is sent, usually via secure email, and the provider reviews the information at a later time; 3) remote patient monitoring, where personal health information or data is collected at one site, typically at home, and that information is transmitted and stored to guide care decisions; 4) mobile health (mhealth), which means health care supported by mobile devices and mobile applications. All of these modes are fast converging as companies and providers seek to offer on-demand access to health services via smartphones.
Telestroke is a form of telemedicine that has enjoyed widespread adoption and accolades. Telestroke allows providers to consult with on-call neurologists in other physical locations to better diagnose and more quickly treat stroke victims. Reducing long-term disability caused by stroke requires quick diagnosis and near immediate treatment, making telestroke a very appealing option. Telestroke uses remote sharing of brain imaging, videoconferencing and, sometimes, camera robotics to determine diagnosis. Increasingly, health systems are joining together in a “spokes and wheel“ approach to telestroke, where many smaller (and often rural or suburban) hospitals join in a telestroke collaboration with a large urban medical center that provides the neurology specialists to consult on cases. These collaborations are typically all in the same state or region to comply with state medical board rules on licensure.
Theft and loss
This includes stolen laptops and lost thumb drives containing patient information that is not encrypted or otherwise secured.
Title II of the Communications Act of 1934 is the legal foundation that allowed the Federal Communications Commission in 2015 to establish rules for Internet service providers that required net neutrality. In December 2017, the FCC voted 3-2 along party lines to overturn Title II net neutrality rules.
The ability for patients and caretakers or parents to view the notes that physicians take during medical appointments via a patient portal or accessible electronic medical record. Also see: OpenNotes
This is information that is not easily organized and often in disperse locations. An example of unstructured data is physician notes in the EHR. Other unstructured data includes information collected from wearable devices, remote monitoring systems, social media, sensors, patient reports and images such as X-rays.
An aspect of telehealth or telemedicine. A virtual visit is a medical appointment that takes place via video between at least two parties (usually patient and physician) in different physical locations.
An online environment designed (intentionally or not) to control a user's access to content, information and services. Navigation is limited to a defined space and is not part of a wider online experience. The opposite of a walled garden is an open ecosystem.
The terms “wearables,” “wearable technology” and “wearable devices“ refer to electronic technologies that are worn on the body or clothing to perform computing tasks. Generally, wearables are able to store and transmit data, and information can be accessed in real-time.
White hat/black hat hacker
A white hat hacker is a computer security specialist who tests the security of computer systems and exposes their vulnerabilities before so-called “black hat“ – nefarious – hackers can detect them and gain unauthorized access.