Under HIPAA, terms that provide for uniformity and simplification of health care billing and record keeping.
Health care providers and clearinghouses that transmit HIPAA transactions electronically, and must comply with HIPAA standards and rules.
Electronic exchanges of information between two covered-entity business partners using HIPAA-mandated transaction standards.
To remove all information that identifies patients from health care transactions.
Designated record set
Records maintained by or for a HIPAA-covered entity.
Electronic data interchange (EDI)
The use of uniform electronic protocols to transfer business information between organizations via computer networks.
The sending of information from one network-connected computer to another.
The scrambling or encoding of information before sending it electronically.
Hardware, software, or both designed to prevent unauthorized persons from accessing electronic information.
Health Insurance Portability and Accountability Act (HIPAA)
A federal law passed in 1996 to protect privacy and other health care rights for patients. The act helps workers keep continuous health insurance coverage for themselves and their dependents when they change jobs, and protects confidential medical information from unauthorized disclosure and/or use. It was also intended to help curb the rising cost of health care fraud and abuse.
limited data set
Protected health information from which certain specified, direct identifiers of individuals have been removed.
Term referring to the limited amount of patient information that may be disclosed, depending on circumstances.
Notice of Privacy Practices (NPP)
A written document detailing a health care provider's privacy practices.
Reasons under HIPAA for disclosing patient information.
Freedom from unauthorized intrusion.
Protected Health Information (PHI)
Information that contains one or more patient identifiers.
A document that includes the HIPAA standards or requirements.
The use of policies and procedures to protect electronic information from unauthorized access.
A general requirement under HIPAA.
If a state's privacy laws are stricter than HIPAA privacy standards, state laws take precedence.
Transmission of information between two parties for financial or administrative activities.
Treatment, payment, and healthcare operations (TPO)
A HIPAA term for qualified providers, disclosure of PHI to obtain reimbursement, and activities and transactions among entities. Treatment means that a health care provider can provide care; payment means that a provider can disclose PHI to be reimbursed; health care operations refers to HIPAA-approved activities and transactions.
The requirement under HIPAA that a patient's identity be verified before protected health information is released.