A

API

API stands for Application Programming Interface . APIs are a set of functions and procedures that allow for the creation of applications that access data and features from other applications, services or operating systems. In other words, APIs enabled different systems to interact.

Advanced Encryption Standard

Advanced Encryption Standard (AES) is the standard chosen by the U.S. government to protect sensitive information through encryption.

Anti-Data Blocking Rule

In 2020, the Department of Health and Human Services issued two rules, that together are revolutionizing healthcare data sharing. The new policies are designed to give patients better access to their health information and prohibits data blocking. EHR companies will have to comply. Learn more about it in our blog post.

B

BAA

BAA stands for Business Associate Agreement . A BAA is a signed document between a Covered Entity and any organization that interacts with PHI on behalf of the Covered Entity. Examples of business associates include: Third-Party Vendors, Consultants, Lawyers, and Billing Companies.

BASA

BASA stands for Business Associate Subcontractor Agreement . A BASA, similar to a BAA, is a signed document between an entity to which a business associate delegates a specific function or service.

C

C-CDA

C-CDA stands for Consolidated Clinical Data Architecture . A CDA is an electronic document written in Clinical Document.

CCD

CCD stands for Continuity of Care Document . A CCD is a snapshot of a patient’s health at a point in time. This includes information such as patient demographics, immunizations, allergies, medication list, procedures, lab results, etc.

COPPA

COPPA stands for the Children’s Online Privacy Protection Act, which gives parents control over what information websites can collect from their children.

Continuity of Care

Continuity of Care is the process where a patient and his/her physician are involved in the ongoing care of the patient. Its focus is on providing high-quality, cost-effective care.

Covered Entity

A Covered Entity, as defined by the HHS, is anyone who provides treatment, payment and operations in healthcare. EHRs are notably not Covered Entities. Neither are any organizations who do not have a direct healthcare relationship with a patient.

D

Data Usage Agreement

A Data Use Agreement (DUA) is an agreement put in place for the sharing of data between research collaborators who are covered entities under the HIPAA.

E

Endpoint

An endpoint is a unique URL housing data. Endpoints are accessed via an API.

Endpoint Directory

An Endpoint Directory is used to organize and manage a list of endpoints within a network.

F

FCRA

FCRA stands for the Fair Credit Reporting Act, which protects information collected by consumer reporting agencies such as medical information companies.

FERPA

FERPA is the Family Education Rights and Privacy Act, which protects the privacy of student education records and gives parents certain rights with respect to their children's education records (when students are under 18 years of age) and transfers to the student when they are 18 years old.

FHIR

FHIR stands for Fast Healthcare Interoperability Resource . FHIR is a standard for exchanging healthcare information electronically. FHIR protocol was developed based on the industry standard HL7. It is a newly accepted format for API healthcare information exchange.

G

GLBA

GLBA stands for the Gramm-Leach-Bliley Act, which requires financial institutions to explain their information-sharing practices to their customers and to protect sensitive data.

H

HIE

An HIE, a Health Information Exchange, is an electronic health record exchange that allows Covered Entities to securely access health information.

HIPAA

HIPAA stands for Health Insurance Portability and Accountability Act , which is a federal law that required the creation of national standards to protect patient health information from being disclosed without the patient’s consent or knowledge.

HITRUST

HITRUST (Health Information Trust Alliance) was founded in 2007 with the intent to provide an option for the healthcare sector to address information risk management across a matrix of third-party assurance assessments. Particle Health is in the midst of HITRUST accreditation with expected certification in early 2021.

I

IHE

IHE stands for Integrating the Healthcare Enterprise . IHE is a non-profit organization dedicated to improving the way computer systems in healthcare share information.

J

JSON

JSON stands for JavaScript Object Notation . JSON is a standardized format (language) for data interchange using human-readable text that can be sent over a network.

N

Network

A Network is a single system integrated with many providers. Networks can be leveraged to access data from multiple providers simultaneously, without the hassle of integrating with individual providers.

At Particle, we work with the Carequality and CommonWell networks, both of which are federated, and provide an easy way to connect to the US healthcare system. The Particle Health network is therefore able to access records from a variety of different EHR providers, such as: Epic, Cerner, AllScripts, athenahealth, eClinicalWorks, SureScripts, and Walgreens.

O

ONC

ONC stands for Office of National Coordinator for Health Information Technology . The ONC is the federal entity responsible for coordinating nationwide efforts to implement and use the most advanced health information technology.

P

PHI

PHI stands for Protected Health Information . HIPAA provides federal protections for personal health information held by covered entities and provides patients an array of rights with respect to that information.

PII

PII stands for Personal Identifiable Information . Information that, when used alone or with other relevant data, can identify an individual is considered PII. Like PHI, PII must be protected and handled with care.

Patient Consent

Patient Consent is explicit permission, usually in writing, given by a patient to a third party before sharing, using, or disclosing PHI.

Purpose of Use

Purpose of Use (PoU) is the reason for which a patient health record is being accessed. When using the Particle API, Purpose of Use is a required field when querying. Valid Purposes of Use are: Treatment, Payment, Operations, Coverage and Individual Access, however, currently the healthcare network responds only for the Treatment Purpose of Use.

Q

Query

A query is a call, or request, to the network to pull data. Querying the Particle API network means requesting information based on the demographic information of a patient.

R

Recognized Coordinating Entity

The Recognized Coordinating Entity (RCE) has been awarded to The Sequoia Project , who will be responsible for developing, updating, implementing, and maintaining the Common Agreement component of the Trusted Exchange Framework and Common Agreement (TEFCA).

Record Locator Service

A Record Locator Service (RLS) is a key component of the health data exchange process. An RLS searches different network(s) and HIE for medical records. At Particle, our RLS performs a statewide search for a patient’s records, as well as a radius search of 50 miles.

S

SOC 2

SOC 2 compliance is a component of the American Institute of CPAs (AICPA)’s Service Organization Control reporting platform. It is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.

Subscriptions

Subscriptions is an API feature that allows customers to pull new data and be notified on a daily (or other interval) basis for patients to which they subscribe.

T

TEFCA

TEFCA stands for the Trusted Exchange Framework and Common Agreement, which is part of the 21st Century Cures Act and is a comprehensive framework for how organizations should, both technically and by policy, exchange data across the entire U.S.

Treatment

Treatment refers to a Purpose of Use defined as accessing patient health data for the provision, coordination or management of care and related services among health care providers or by a health care provider with a third party.

Turtle

Turtle stands for Terse RDF Triple Language . It is a syntax and file format that can be used for FHIR Resources.

X

XML

XML stands for Extensible Markup Language . XML is the basis for many different documents including CCD and C-CDAs and it is one of the acceptable formats for FHIR Resources.

Z

Zip File

A Zip File is an archive file format that is a collection of compressed files. Using a Zip File prevents data loss and shrinks the size of download so that hundreds or thousands of files can be downloaded quicker.