Term
|
Definition
| Actions that improperly use another person's resources |
|
|
Term
| Acknowledgment of Receipt of Notice of Privacy Practices |
|
Definition
| Form accompanying covered entity's Notice of Privacy Practices |
|
|
Term
|
Definition
| Updated electronic data standard for transmitting HIPAA X12 documents |
|
|
Term
|
Definition
| Formal examination or review |
|
|
Term
|
Definition
| Under the HIPAA Privacy Rule, impermissible use or disclosure that compromises the security or privacy of PHI that could pose a significant risk of financial, reputational, or other harm to the affected person |
|
|
Term
|
Definition
| Documentation used by a covered entity to notify individuals of a breach in their PHI required under the new HITECH breach notification rules |
|
|
Term
|
Definition
| A person or organization that requires access to PHI to perform a function or activity on behalf of a covered entity but is not part of its workforce |
|
|
Term
| Centers for Medicare and Medicaid Services (CMS) |
|
Definition
| Federal agency in the Department of Health and Human Services that runs Medicare, Medicaid, clinical laboratories, and other government health programs; responsible for enforcing all HIPAA standards other than the privacy and security standards |
|
|
Term
|
Definition
| A company that processes electronic health information and executes electronic transactions for providers |
|
|
Term
|
Definition
| Alphabetic and/or numeric representations for data |
|
|
Term
|
Definition
| Under HIPAA, a health plan, clearinghouse, or provider who transmits any health information in electronic form in connection with a HIPAA transaction |
|
|
Term
| Electronic Data Interchange (EDI) |
|
Definition
| Computer-to-computer exchange of routine business information using publicly available electronic standards |
|
|
Term
| Electronic Protected Health Information (ePHI) |
|
Definition
| PHI that is created, received, maintained, or transmitted in electronic form |
|
|
Term
|
Definition
| Process of converting electronic information into an unreadable format before it is distributed |
|
|
Term
|
Definition
| Intentional act of deception to take financial advantage of another person |
|
|
Term
| Health Care Fraud and Abuse Control Program |
|
Definition
| Government program to uncover misuse of funds in federal health care programs run by the Office of the Inspector General |
|
|
Term
| Health Information Technology for Economic and Clinical Health (HITECH) Act |
|
Definition
| Provisions in the ARRA of 2009 that extend and reinforce HIPAA and contain new breach notification requirements for covered entities and business associates, guidance on ways to encrypt or destroy PHI to prevent a breach, requirements for informing individuals when a breach occurs, higher monetary penalties for HIPAA violations, and stronger enforcement of the Privacy and Security Rules |
|
|
Term
| HIPAA Electronic Health Care Transactions and Code Sets (TCS) |
|
Definition
| HIPAA rule governing the electronic exchange of health information |
|
|
Term
| HIPAA National Identifiers |
|
Definition
| HIPAA-mandated identification system for employers, health care providers, health plans, and patients |
|
|
Term
|
Definition
| Law that regulates the use and disclosure of patients' protected health information |
|
|
Term
|
Definition
| Law that requires covered entities to establish administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of health information |
|
|
Term
| National Provider Identifier (NPI) |
|
Definition
| Under HIPAA, system for identifying all health care providers using unique ten-digit identifiers |
|
|
Term
| Notice of Privacy Practices (NPP) |
|
Definition
| HIPAA-mandated document stating the privacy policies and procedures of a covered entity |
|
|
Term
| Protected Health Information (PHI) |
|
Definition
| Individually identifiable health information transmitted or maintained by electronic media or in any other form or medium |
|
|
Term
| Release of Information (ROI) |
|
Definition
| Process followed by employees of covered entities when releasing patient information |
|
|
Term
| Treatment, Payment, and Health Care Operations (TPO) |
|
Definition
| Under HIPAA, three conditions under whcih patients' protected health information may be released without their consent |
|
|
