The US Healthcare IT industry became the primary target of most IT companies with the new policies and regulations around electronic data management and IT-enabled clinics and hospitals in the US. If you’re planning to enter this industry, here is a good starting point to learn the basic terms you would need to know –

Healthcare Systems:

The major components which interact in a healthcare system are:

Providers – Doctors, Hospitals, etc.
Population – Patients, Consumers, etc.
Payers – Insurers, Private companies, Government, etc.

Health Maintenance Organization (HMO):

In HMOs, you can only visit doctors, other health care providers, or hospitals in the HMO network (mentioned on the plan’s list) except in an emergency.

Preferred Provider Organization (PPO):

With a PPO, you can see any doctor you choose but coverage is greater for certain providers (doctors, hospitals and other healthcare service providers) that the PPO has contracted with. Seeing doctors outside of the PPO network results in higher out-of-pocket costs like copayments and coinsurance (defined later). Insurance premiums are generally higher for a PPO compared to HMO.


Run by the federal government.
Aimed for people who are retired – old (above 65) or with permanent disabilities.

Medicare has 4 parts:

Part A. Hospitals (any hospital) – inpatient. copayment. No premium required as long as you pay medical tax which is taken at the salary. 80-90% people go for this plan.

Part B. Doctors – (any doctor, doctors can decide to work with medicare or not but most doctors choose to work with medicare) outpatient. 80% covered, 20% patient. For part B, a small premium has to be paid per month which is very low compared to other policies.

Part A + Part B = Traditional medicare / Original medicare

Part C. Medicare advantage plans: CMS subsidiaries private insurance. You pay (part B) + a little bit extra and federal gov will take that and pay your premium to subsidiary insurers and you will be covered by the subsidiaries.

Part D. Drugs – Was not a part of the original plans. Came out in early 2000s (around 2003) at the time of Bush. Private firms / entities with handle the insurance and medicare will pay them.

People can get supplemental policies from private firms by paying them premium and use them along with Medicare.


Run by federal gov in association with the state gov.
Aimed at lower income population, and also physical disabilities.
Administered at state level.

Executive Branch > HHS > CMS (CMS administers both Medicare and Medicaid at the federal level)


Co-insurance is an insurance-related term that describes a splitting or spreading of risk among multiple parties. A form of medical cost sharing in a health insurance plan that requires an
insured person to pay a stated percentage of medical expenses after the deductible
amount, if any, was paid.

In the US insurance market, coinsurance is the joint assumption of risk between the insurer and the insured. In title insurance, it also means the sharing of risks between two or more title insurance companies.

In health insurance, coinsurance is sometimes used synonymously with copayment, but copayment is really fixed while the coinsurance is a percentage that the insurer pays after the insurance policy’s deductible is exceeded up to the policy’s stop loss.


Acronym for Center for medicare and medicaid services. More info on CMS.GOV

Managed Care:

To describe a variety of techniques intended to reduce the cost of providing health benefits and improve the quality of care, for organizations that use those techniques or provide them as services to other organizations. PPO is the managed care program which is still popular in US.

Insurance Sources:

Private firms
Gov (Medicare and Medicaid)


Person who pays the premium and under whom the family is covered


Who receives medical coverage under a subscriber. Dependents of the


In simple words: Any place where we can go and get treatment. Formal
definition would be “Any individual, institution, or agency that provides health services to health
care consumer.”


An invoice from the provider to the doctor for the services rendered.


A form of medical cost sharing in a health insurance plan that requires an insured person to pay a fixed dollar amount when a medical service is received. The insurer is responsible for the rest of the reimbursement.

In the United States, copayment or copay is a payment defined in the insurance policy and paid by the insured person each time a medical service is accessed.


A fixed dollar amount during the benefit period – usually a year – that an
insured person pays before the insurer starts to make payments for covered medical

FSA (Flexible spending accounts or arrangements):

Accounts offered and administered
by employers that provide a way for employees to set aside, out of their paycheck, pretax
dollars. Can pay only medical expenses. Money lost if unused.FSA can cover childcare
expenses, if setup separately

MSA (Medical Savings Account) / HSA (Health Spending Account):

Savings accounts designated for out-of-pocket medical expenses. Employers and Employees can contribute to this and are pre-taxed. Can carry unused funds into future year. Are normally
combined with high-deductible or catastrophic health insurance plans.

Fully Insured Plan:

A plan where the employer contracts with another organization to
assume financial responsibility for the enrollees’ medical claims and for all incurred
administrative costs.

Electronic Medical Records (EMR):

A digital version of the paper charts in a doctor’s office.
They contain primarily the notes and information collected by and for the clinicians in that office.

Electronic Health Records (EHR):

Electronic health records (EHRs) are built to go beyond standard clinical data collected in a provider’s office and are inclusive of a broader view of a patient’s care. EHRs contain information from all the clinicians involved in a patient’s care and all authorized clinicians involved in a patient’s care can access the information to provide care to that patient. EHRs also share information with other health care providers, such as laboratories and specialists.

Personal Health Records (PHR):

Personal health records (PHRs) contain the same types of information as EHRs—diagnoses, medications, immunizations, family medical histories, and provider contact information—but are designed to be set up, accessed, and managed by patients. Patients can use PHRs to maintain and manage their health information in a private, secure, and confidential environment.

Healthcare provider:

A qualified person or facility that provides healthcare to patients; for example, a doctor, nurse, or hospital.

Healthcare IT (HIT):

The personnel, equipment, and procedures that provide and support the computer systems used in the healthcare environment.

Acute care:

Care that is given short term and for severe afflictions. For example, a patient experiencing a heart attack goes to an acute care facility. Nine types of acute care facilities and agencies are an ambulatory care facility, a primary care facility, an ambulatory surgery center, a birth center, a rehabilitation hospital or center, a general acute care hospital, a home health agency, a hospice agency, and a psychiatric hospital.

Long-term care:

Ongoing treatment or care. For example, a patient with Alzheimer’s goes to a long-term care facility. Long-term care facilities are for patients who need ongoing care after receiving a diagnosis. Three types of long-term care facilities and agencies are an adult day care facility, assisted-living residence, and nursing home.

Structure of a Hospital:

The departments in a hospital each have specific roles to play in healthcare.
Eight standard departments in a hospital are administrative offices, outpatient clinics, inpatient rooms, surgery or operating rooms, radiology, emergency department (ED), pathology and lab, and pharmacy. Three entrances for patients to the hospital system are outpatient, inpatient, and the ED.

Outpatient care lasts less than 24 hours, and patients are usually not admitted into the hospital for inpatient care. Inpatient care is when patients are admitted to the hospital and stay longer than 24 hours.

Information system (IS):

A computerized system used to facilitate the functions of an organization. An IS is a group of components that collect, process, store, and communicate information.

Hospital information system (HIS):

The primary information system used to manage data flow and maintain databases in a hospital. An HIS usually manages patient administration
and order entry. HIS is sometimes called a healthcare information system (HIS). is a key piece of the Affordable Care Act, the law often called Obamacare, passed by Congress in 2010.

One of the goals of the Affordable Care Act was to open up pooled insurance markets where people without insurance could shop for inexpensive insurance plans. The law prohibits participating insurance companies from rejecting applicants because of pre-existing conditions, and it bans lifetime limits on insurance benefits. is made up of two main components, the data hub and the marketplace, or exchange.


The Health Insurance Portability and Accountability Act was enacted by the United States Congress and signed by President Bill Clinton in 1996. HIPAA defines the rules related to the privacy and security of patient health information and has been around since 1996 with periodic updates since then.

Health Insurance Portability and Accountability Act (HIPAA) is a set of rules for protecting e-PHI (electronic protected health information). The Office of Civil Rights (OCR) enforces the HIPAA rules.

HIPAA has four primary rules:

Privacy Rule, Security Rule, Breach Notification Rule, and Enforcement Rule.

HIPAA Controls and Compliance Issues:

HIPAA aims to ensure confidentiality, integrity, and availability of e-PHI.
In the event of a violation, or breach, of HIPAA rules, fines may be imposed by the OCR.
Covered entities are required to ensure confidentiality, integrity, and availability of e-PHI they create, receive, maintain, or transmit; identify and address risks to e-PHI; and ensure compliance by their workforce. Written permission must be obtained before e-PHI may be released or distributed to anyone HIPAA does not allow. Covered entities must use role-based access control to restrict access to e-PHI by its personnel.

Keeping e-PHI secure is a concern for HIPAA because HIPAA is designed to protect e-PHI. The security measures include all the administrative,
physical, and technical safeguards in any IS containing or processing e-PHI. This includes security protocols that HIT technicians must follow, such
as administrating security access. HIPAA security protects e-PHI created, received, used, or maintained by a covered entity. The OCR is responsible for enforcing HIPAA security. The
following portions of HIPAA security ensure the confidentiality, integrity, and availability of e-PHI.

The breach of a HIPAA rule must be defined for covered entities to know boundaries of what is not acceptable behavior to maintain privacy of
patients. A breach can be theft, unauthorized access or disclosure, loss, or improper disposal of e-PHI.

Normally, the OCR does not intervene when there is a violation to HIPAA rules. Instead, the covered entity that violates the rule issues voluntary
compliance and corrective action that reaches a satisfactory resolution with the OCR. If the violating entity does not handle the offense properly, there are
monetary penalties. HIPAA states the fine for each incident should not exceed $100 or $25,000 for identical violations within a calendar year.

Rules of Record Retention and Disposal:
The three types of health records are public, private, and legal.
The public health record is used for the collection of public health data to be analyzed by researchers.
The private health record is the health record created and maintained by an individual.
The legal health record is collected and retained for use by the patient or legal services.
Health records must be retained for a minimum of six years. States may add to the length of time for record retention.
Disposed records must be unreadable, indecipherable, and unable to be reconstructed.


(Health IT for economic and clinical health act)
HITECH became effective on February 18, 2009.

Under the HITECH Act, the United States Department of Health and Human Services is spending $25.9 billion to promote and expand the adoption of health information technology. HITECH is a subsection of the American Recovery and Reinvestment Act (ARRA) legislation that provided incentives to physicians and hospitals to “meaningfully” adopt EHR solutions. But the act also contained elements related to the security of ePHI. Hence, the HITECH Act widens the scope of privacy and security protections available under HIPAA; increases potential legal liability for non-compliance; and provides more enforcement of HIPAA rules.

Since many doctors were not using EHR and were still working on paper for prescriptions, etc., Obama wanted to push the industry to adopt EHR (Electronic Health Records).
Since cost is the major factor which stops doctors from making the switch, Hitech act provides funds to increase EHR adoption and get rid of paperwork. Incentive money from Medicare (44k USD) and Medicaid. Penalties begin in 2016 in case of failure of adoption. Incentives can be received starting 2011.

Meaningful Use:

A doctor can’t just buy an EHR and forget about it, doctors have to show Meaningful Use of the EHR. Doctors must purchase certified EHRs and show MU of the same.

Electronic health records can provide many benefits for providers and their patients, but the benefits depend on how they’re used. Meaningful use is the set of standards defined by the Centers for Medicare & Medicaid Services (CMS) Incentive Programs that governs the use of electronic health records and allows eligible providers and hospitals to earn incentive payments by meeting specific criteria.

Show use of records to enter prescriptions, providing electronic copies of the patients and so on depending on the MU guidelines. Meaningful Use requirements defined in terms of goals.
Only using certified EHR and meeting these requirements will allow access to the incentive money.

“The wrong solution will cost you more than what the incentives will pay.”

The Medicare and Medicaid EHR Incentive Programs are staged in three steps with increasing requirements for participation. All providers begin participating by meeting the Stage 1 requirements for a 90-day period in their first year of meaningful use and a full year in their second year of meaningful use. After meeting the Stage 1 requirements, providers will then have to meet Stage 2 requirements for two full years. Eligible professionals participate in the program on the calendar years, while eligible hospitals and CAHs participate according to the federal fiscal year.

There may be changes and the same will be published and will have to be adopted by all.

Stages of Meaningful Use:

MU Stage 1: capture and share data
MU Stage 2: advance clinical processes
MU Stage 3: Improved outcomes

Stage 1:
Electronically capturing health information in a standardized format
Using that information to track key clinical conditions
Communicating that information for care coordination processes
Initiating the reporting of clinical quality measures and public health information
Using information to engage patients and their families in their care

Stage 2:
More rigorous health information exchange (HIE)
Increased requirements for e-prescribing and incorporating lab results
Electronic transmission of patient care summaries across multiple settings
More patient-controlled data

Stage 3:
Improving quality, safety, and efficiency, leading to improved health outcomes
Decision support for national high-priority conditions
Patient access to self-management tools
Access to comprehensive patient data through patient-centered HIE
Improving population health

The HITECH Act regulates how HIT interacts with third parties and requires healthcare facilities to move toward electronic solutions to store patient data and to no longer use paper forms and
charts for retaining patient records. The electronic medical record (EMR) and electronic health record (EHR) store and gather the same patient data as does a
medical record using forms and paper charts, except the EHR/EMR stores the data in electronic format. A patient’s EMR is a collection of all patient information about
a patient from all visits to a particular hospital. A patient’s EHR is a collection of all patient information about a patient from all visits to any hospital. EHR and EMR
systems are quickly replacing the outdated paper form and chart filing systems.

Because of the HITECH Act, older paper charts must be scanned and stored electronically, and then the paper charts must be properly disposed of so that the
information cannot be recovered. For example, one method to properly dispose of a document with patient information is to shred the document. New EHR/EMR
information systems must be built, installed, and supported to retain patient data. This push toward EHRs/EMRs creates job opportunities for IT technicians to
branch into the healthcare industry.

The Importance of the HITECH Act:

The HITECH Act regulates how HIT interacts with third parties.
The HITECH Act requires healthcare facilities to use EMR/EHR systems.
With HIT, patient information has fewer chances of human error by electronically transferring and storing information.


EDI (Electronic Data Interchange) is a standard format for exchanging business data.
Electronic data interchange (EDI) is a document standard which when implemented acts as common interface between two or more computer applications in terms of understanding the document transmitted. It is commonly used by big companies for e-commerce purposes, such as sending orders to warehouses or tracking their order. It is more than mere e-mail; for instance, organizations might replace bills of lading and even cheques with appropriate EDI messages.

Organizations that send or receive documents between each other are referred to as “trading partners” in EDI terminology. The trading partners agree on the specific information to be transmitted and how it should be used. Trading partners are free to use any method (serial communication, internet, P2P, value added networks, so on…) for the transmission of documents. Furthermore, they can either interact directly, or through a third party.


Health Level 7. A standard for exchange and management of electronic health information. Name created from the 7th layer of the OSI model (the application layer).
Focuses on App layer protocol. Providers have diff applications for billing, patient tracking, etc. All these should be able to communicate with each other. HL7 help in this.

A HL7 interface engine is an interface or integration engine built specifically for the healthcare industry. It connects legacy systems by using a standard messaging protocol. Because hospitals and other healthcare providers usually have different systems for different aspects of services, they are often unable to communicate with each other. HL7 gets around that problem by providing the framework for the exchange, integration, sharing and retrieval of electronic health information. These standards and the most commonly used throughout the world.

By using a HL7 interface engine, health providers can realize the benefits of existing legacy information systems without major re-investment in new technologies, lowering costs and extending the life and efficiencies of current systems. There is also opportunity to link to systems outside the healthcare provider such as providers of outsourced services like radiology.

Regardless of the technical approach, it must be ensured that HL7 capabilities are included. In short, an expensive HIPAA solution is incomplete—and worse, non-compliant—if the core systems don’t “speak HL7” when required.

For Providers: If your HIS (or business partner systems) cannot communicate patient data to payers in HL7 format, you may not get paid.
For Payers: If your claims processing system cannot handle HL7 patient data, you can’t serve your provider base effectively.

HL7 is a key component of HIS interoperability efforts and a significant standard in its own right. From a HIPAA perspective, however, HL7 is a small but crucial piece of the puzzle.

HL7 is a syntax standard specifically designed by the healthcare industry to facilitate patient data exchange between computer applications and systems—typically systems within or connected to one healthcare enterprise. HL7 is now in its 14th year of development, and has become the de facto standard for patient data exchange by specifying the format, structure, and sequence of that data.

As such, HL7 has a different scope and focus than HIPAA. HL7 is not targeted at the transformation of business or patient care processes.
Its mission is to establish a common language among computer applications regardless of platform, architecture, or programming language. While less far-reaching than HIPAA, HL7 is complex and intricate enough to have created its own industry.

Although the actual syntaxes are different, HL7 is similar in concept to the X12 EDI standard used for HIPAA-compliant data transfer. HL7 is also different from X12 in that it was designed from the ground up as a healthcare exchange standard—rather than adapted from a larger EDI standard.

Founded in 1987, Health Level Seven International (HL7) is a not-for-profit, ANSI-accredited standards developing organization dedicated to providing a comprehensive framework and related standards for the exchange, integration, sharing, and retrieval of electronic health information that supports clinical practice and the management, delivery and evaluation of health services. HL7’s 2,300+ members include approximately 500 corporate members who represent more than 90% of the information systems vendors serving healthcare.

All hospital information systems have interfaces of one sort or another. The purpose of an interface is to communicate data from one IS to another IS. What travels between the information systems are messages. Messages contain the data about a patient and his visit to the hospital. To understand the message and the path it takes, you need to know what the message is, the format the message uses, and how it travels from IS to IS.

This data contains information about the patient demographic, encounter, or charges. The data is formatted in a standard used across healthcare organizations. This standard is called Health Level 7 (HL7) as developed by the HL7 organization. HL7 (ANSI certified) is an interface protocol at the application level designed for healthcare applications and systems. A standard format for sending messages means that the destination IS understands the data presented. This also means that the same message can be used to communicate to several different systems who all “speak the same language.”

Handling PHI:

PHI is protected by physical and technical safeguards.
Place computers where only personnel can view the screen and use privacy screens when you can’t place the computer in a restricted location.
Place printers and fax machines out of public areas.
Ask users to quickly pick up printed documents containing PHI.
Activate the locking screensaver on a computer.
When staff schedules permit, use a time lockout on user accounts.

Claims Processing and Management:

Claims processing is one of the most crucial service activities insurance companies perform. However, the complexity of managing a claims environment with multiple systems and manual hand-offs can create errors and delays that can cause irreparable harm to customer relationships. Claims processing and management solution improving claims service while reducing costs. The solution is focused on enabling financial services companies to increase productivity and reduce operational costs, ensure accurate and consistent claims decisions, improve service levels, and reduce backlogs. Claims Management provides a flexible solution to manage the entire claims process — from initial notification through claim disposition and payment.

Features (in steps) of a claim management solution:

Receive initial notification from various sources like mail, fax, email, call center, etc.
Notification details are recorded and can vary by type of claim.
A complete list of policies associated with the claims, as well as previous claims history, is immediately available to claims professionals to review and validate the claim.
Claims can be automatically or manually routed to an examiner or other claims professional based on configurable business rules.
Claims Management also provides support for defining parties and designations, information requirements ordering and follow-up, claim and benefit calculations and adjustments, and quality checking and approval.
Claims requiring special handling, such as contestable claims or claims requiring investigation, can be tracked and managed.

Hospice Care:

Hospice care is a type and philosophy of care that focuses on the palliation (to make less severe) of a terminally ill or seriously ill patient’s pain and symptoms, and attending to their emotional and spiritual needs. Hospice care is end-of-life care. The goal of the care is to help people who are dying have peace, comfort, and dignity. The caregivers try to control pain and other symptoms so a person can remain as alert and comfortable as possible. Hospice programs also provide services to support a patient’s family. Focus on care, not cure.

In hospice care the main guardians are the family caregiver and a hospice nurse who makes periodic stops. Hospice can be administered in a nursing home, hospice building, or sometimes a hospital; however, it is most commonly practiced in the home. In order to be considered for hospice care, one has to be terminally ill or expected to die in six months. Although the movement has met with some resistance, hospice has rapidly expanded through the United Kingdom, the United States and elsewhere.

India’s first hospice, Shanti Avedna Ashram, opened in Bombay in 1986. The first modern free-standing hospice in China opened in Shanghai in 1988.

The goal of hospice treatment is to keep you comfortable and improve your quality of life while you are dying. This philosophy is a shift from usual medical treatments, in which health professionals strive to cure your disease. Hospice services are not intended to speed up or prolong the dying process. They focus instead on relieving pain and other symptoms. Hospice caregivers are concerned with enhancing the quality of remaining life by keeping you as alert and comfortable as possible in a familiar environment with family and friends.

Hospice services typically include:
Basic medical care with a focus on pain and symptom control.
Access to a member of your hospice team 24 hours a day, 7 days a week.
Medical supplies and equipment as needed.
Counseling and social support to help you and your family with psychological, emotional, and spiritual issues.


mHealth (also written as m-health or mobile health) is a term used for the practice of medicine and public health, supported by mobile devices. The term is most commonly used in reference to using mobile communication devices, such as mobile phones, tablet computers and PDAs, for health services and information.

Examples of existing mHealth innovations are:

SMS alerts that remind patients to take their prescription drugs at the appropriate time.
Remote diagnosis and even treatment for patients who do not have easy access to a physician.
Remote health monitoring (RHM) devices that track and report patients’ conditions.