Health IT glossary's health IT glossary provides definitions and information for many terms used in the complex field of healthcare-related information technology and management systems.

1 2 3 4 5 Page 3
Page 3 of 5

Fast Healthcare Interoperability Resources (FHIR)

FHIR is a new standards framework from Health Level Seven (HL7), the leading healthcare standards development organization. In conjunction with Restful APIs, the Oauth authorization standard, and a visualization layer called SMART, FHIR promises to facilitate interoperability, broaden EHR capabilities, and accelerate innovation in the use of mobile health apps. FHIR uses snippets of data known as resources to represent clinical entities within EHRs in a web services context. Non-proprietary APIs can be used to connect FHIR applications to any FHIR-enabled EHR without customized interfaces. A coalition of 40-plus EHR suppliers and other stakeholders is currently building out and testing FHIR. Eventually, experts say, FHIR should enable providers to exchange discrete data directly between EHRs, using cloud-based networks.

FDA mHealth regulations

The Food & Drug Administration (FDA) regulates mobile health apps as medical devices, but only if they fall into one of three categories. First, FDA approval is required to market an app that functions like a device that the FDA already regulates, such as an app that turns an iPhone into an electrocardiography (ECG) machine. Second, the FDA regulates apps that are accessories to a regulated device, such as a tablet app that displays x-rays from an FDA-approved PACS. Third, mobile medical apps that suggest diagnoses and provide treatment advice are regulated. Taken together, these regulated products form a very small portion of the estimated 63,000 mHealth apps on the market.

Genomic sequencing

Following the publication of the first human genome sequence in 2003, researchers began using big data methods to cope with the huge amounts of data generated by sequencing. As sequencing costs have dropped astronomically and as the healthcare industry has adopted EHRs, the pace of research has accelerated. Researchers are now racing to match the variants in the genotypes of patients with the differences in their phenotypes —their individual characteristics and diseases – to figure out which genes may be responsible for particular health conditions. As this work progresses, the possibility of personalized medicine is starting to be actualized, especially in cancer care. But much more work needs to be done to help physicians interpret genetic signs and correlate them with symptoms.

Health information exchange (HIE)

This term refers both to the act of exchanging health data and an organization that facilitates information exchange. HIEs may be statewide, regional, metropolitan, or organization-specific. The latter, known as private HIEs, have been growing more quickly than public HIEs in recent years. That is partly because public HIEs have had difficulty in providing a return on investment to local providers. Indeed, most HIEs subsisted on government grants until they dried up, and the majority of them have yet to find a viable business model. Some HIEs offer data analysis services and help in meeting the "transitions of care" requirements of the government's EHR incentive program (see the section on government regulations).

Health information service providers (HISPs)

HISPs are the glue that holds together direct secure messaging. HISPs transport messages from one provider to another and supply directories of Direct addresses so that physicians or hospitals can find one another on the Direct network.  HISPs may be independent or owned by EHR vendors; they can also be regional or national. The big problem that HISPs had to address early on was the lack of trust among them. Without knowing who they were dealing with, they didn't want to convey messages that included protected health information (PHI). DirectTrust, a nonprofit trade organization, has done a lot to overcome this lack of trust by accrediting the leading HISPs through the Electronic Healthcare Network Accreditation Commission (EHNAC). But the HISPs have still not agreed upon a standardized method to share their provider directories.

Health Level 7

Founded in 1987, this nonprofit, member-governed body has developed IT standards used in the global healthcare industry. Virtually all large U.S. healthcare organizations use Health Level 7 (HL7) messaging to connect their systems, often through some kind of middleware. However, HL7-based interfaces are insufficient to provide interoperability between disparate EHRs. In addition, HL7 permits customization that, over time, has produced significant differences in how its standards are applied in various organizations. HL7 developed a Clinical Data Architecture (CDA) used in clinical summaries that providers must exchange under the meaningful use program. And as mentioned above, the HL7 draft standards framework known as Fast Interoperability Health Resources (FHIR) has raised expectations that it will increase interoperability.


The acronym HIPAA refers to the federal Health Insurance Portability and Accountability Act of 1996. The original intent of the law was to help people keep health insurance when they switched or lost jobs. HIPAA also requires providers to protect the privacy and security of health information and to take steps to control administrative costs by simplifying electronic transactions. CMS has implemented a number of measures to standardize the electronic exchange of administrative data, including claims, eligibility, claims status, ERA, and EFT. But the most important part of HIPAA for healthcare providers and consumers have been the privacy and security provisions, which were strengthened by the same 2009 law that created the meaningful use program. Penalties for violations of these provisions were increased to up to $1.5 million per violation, depending on the circumstances. So healthcare providers – who already were very wary about violations of patient confidentiality – have stepped up their efforts to prevent data security breaches. As mentioned earlier, however, the number of breaches continues to grow.

Hospital information systems

Hospital EHRs include many components that EHRs for office-based doctors lack, including ancillary clinical systems, electronic medication administration records, and computerized practitioner order entry (CPOE). In addition, they have both nursing and physician documentation. Hospital information systems are very complex and include products developed by vendors other than the healthcare system's main EHR vendor, such as lab, pharmacy, and radiology picture archiving and communications systems (PACS). To help these systems exchange information, hospitals may use interfaces based on Health Level 7 (HL7) standards, middleware, or enterprise viewers for disparate PACS.


Since Oct. 1, 2015, healthcare providers have had to use the International Classification of Diseases (ICD)-10 diagnostic code set in order to file claims with Medicare, Medicaid, and private payers. This has been a monumental shift for the industry, since the current ICD-9 code set has about a fifth as many codes as ICD-10 does. Physicians and billers had to be trained to select the correct codes, and healthcare organizations had to do extensive internal and external testing. CMS struck an agreement with the American Medical Association (AMA) to allow Medicare claims to be paid for the first year if coders got the primary ICD-10 codes right. But commercial payers did not follow suit. While the initial transition has been fairly smooth, it's still unclear how much disruption there will be in payments.


The meaningful use and EHR certification rules include a number of provisions related to interoperability, which refers to the ability of different health IT systems to communicate with one another. At one level, this can mean the exchange of secure messages with document attachments. But for the kind of data liquidity that analytics require, EHRs should be able to ingest data from other systems and sort it into the appropriate fields, with provider approval. Up to now, interoperability at either of these levels has been very limited. The government has been reluctant to prescribe standards to the private sector, and the healthcare industry's efforts to promote interoperability have run into complex business and technical barriers. However, some new approaches such as Direct messaging and FHIR are promising, and some of the leading EHR vendors and HIEs have banded together in various coalitions to pave the way for interoperability.

1 2 3 4 5 Page 3
Page 3 of 5
The CIO Fall digital issue is here! Learn how CIO100 award-winning organizations are reimagining products and services for a new era of customer and employee engagement.