Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
INSUR {CBCS-CPC}
EHR, HIPAA, HITECH, Patient Health Info
| Term | Definition |
|---|---|
| 21st century cures act | A federal law that requires providers to make certain specific categories of clinical notes digitally accessible to patients. |
| abuse | Action that improperly uses another person’s resources. |
| accountable care organization (ACO) | A network of doctors and hospitals that shares responsibility for managing the quality and cost of care provided to a group of patients. |
| accounting of disclosure | The documentation of the disclosure of a patient’s PHI in his or her medical record in cases when the individual did not authorize it and it was not a permitted disclosure. |
| affordable care act (ACA) | Health system reform legislation that offers improved insurance coverage and other benefits. |
| audit | Methodical review; in medical insurance, a formal examination of a physician’s accounting or patient medical records. |
| authorization | 1. Document signed by a patient to permit release of particular medical information under the stated specific conditions. |
| breach | An impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of PHI and also that could pose significant risk of financial, reputational, or other harm to the affected person. |
| breach notification | The document notifying an individual of a breach. |
| business associate (BA) | A person or organization that performs a function or activity for a covered entity but is not part of its workforce. |
| centers for Medicare and Medicaid services (CMS) | Federal agency within the Department of Health and Human Services (HHS) that runs Medicare, Medicaid, clinical laboratories (under the CLIA program), and other government health programs. |
| clearinghouse | A company (billing service, repricing company, or network) that converts nonstandard transactions into standard transactions and transmits the data to health plans |
| code set | Alphabetic and/or numeric representations for data. Medical code sets are systems of medical terms that are required for HIPAA transactions. Administrative (nonmedical) code sets, such as taxonomy codes and ZIP codes, are also used in HIPAA transactions. |
| compliance plan | A medical practice’s written plan for the following: the appointment of a compliance officer and committee; a code of conduct for physicians’ business arrangements and employees’ compliance; training plans; properly prepared and updated coding tools such as job reference aids, encounter forms, and documentation templates; rules for prompt identification and refunding of overpayments; and ongoing monitoring and auditing of claim preparation. |
| covered entity (CE) | Under HIPAA, a health plan, clearinghouse, or provider who transmits any health information in electronic form in connection with a HIPAA transaction |
| cybersecurity | The process of protecting information confidentiality, integrity, and availability by preventing, detecting, and responding to attacks on digital data. |
| de-identified health information | Medical data from which individual identifiers have been removed; also known as a redacted or blinded record. |
| designated record set (DRS) | A covered entity’s records that contain protected health information (PHI); for providers, the designated record set is the medical/financial patient record. |
| documentation | The systematic, logical, and consistent recording of a patient’s health status—history, examinations, tests, results of treatments, and observations—in chronological order in a patient medical record. |
| electronic data interchange (EDI) | The system-to-system exchange of data in a standardized format. |
| encounter | An office visit between a patient and a medical professional. |
| encryption | A method of scrambling transmitted data so they cannot be deciphered without the use of a confidential process or key. |
| evaluation and management (E/M) | Provider’s evaluation of a patient’s condition and decision on a course of treatment to manage it. |
| false claims act | federal law prohibiting intentional misrepresentation related to healthcare claims |
| fraud | Intentional deceptive act to obtain a benefit. |
| health information technology for economic and clinical health (HITECH) act | Law that guides the use of federal stimulus money to promote the adoption and meaningful use of health information technology, mainly using electronic health records. |
| health insurance portability and accountability act (HIPAA) of 1996 | Federal act that set forth guidelines for standardizing the electronic data interchange of administrative and financial transactions, exposing fraud and abuse in government programs, and protecting the security and privacy of health information. |
| HIPAA electronic health care transactions and code sets (TCS) | The HIPAA rule governing the electronic exchange of health information. |
| HIPAA national identifiers | HIPAA-mandated identification systems for employers, healthcare providers, health plans, and patients; the NPI, National Provider System, and employer system are in place; health plan and patient systems are yet to be created. |
| HIPAA privacy rule | Law that regulates the use and disclosure of patients’ protected health information (PHI). |
| HIPAA security rule | Law that requires covered entities to establish administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of health information. |
| informed consent | The process by which a patient authorizes medical treatment after discussion about the nature, indications, benefits, and risks of a treatment a physician recommends. |
| malpractice | Failure to use an acceptable level of professional skill when giving medical services that results in injury or harm to a patient. |
| meaningful use | The utilization of certified EHR technology to improve quality, efficiency, and patient safety in the healthcare system. |
| medical documentation and revenue cycle | A series of steps that explain how using EHRs is integrated with practice management programs as the 10-step billing process is formed. |
| medical record | A file that contains the documentation of a patient’s medical history, record of care, progress notes, correspondence, and related billing/financial information. |
| medical standards of care | State-specified performance measures for the delivery of healthcare by medical professionals. |
| minimum necessary standard | Principle that individually identifiable health information should be disclosed only to the extent needed to support the purpose of the disclosure. |
| national provider identifier (NPI) | Under HIPAA, unique ten-digit identifier assigned to each provider by the National Provider System. |
| notice of privacy practices (NPP) | A HIPAA-mandated description of a covered entity’s principles and procedures related to the protection of patients’ health information. |
| office for civil rights (OCR) | Government agency that enforces the HIPAA Privacy Act. |
| office of the inspector general (OIG) | Government agency that investigates and prosecutes fraud against government healthcare programs such as Medicare. |
| omnibus rule | Set of regulations enhancing patients’ privacy protections and rights to information and the government’s ability to enforce HIPAA. |
| operating rules | Rules that improve interoperability between the data systems of different entities, such as health plans and providers, and so increase their usefulness. |
| password | Confidential authentication information composed of a string of characters. |
| protected health information (PHI) | Individually identifiable health information that is transmitted or maintained by electronic media. |
| relator | Person who makes an accusation of fraud or abuse in a qui tam case. |
| Stark law | A federal law that governs physician self-referrals in financial relationships with other healthcare service providers. |
| transaction | Under HIPAA, structured set of electronic data transmitted between two parties to carry out financial or administrative activities related to healthcare |
| treatment, payment, and healthcare operations (TPO) | Under HIPAA, patients’ protected health information may be shared without authorization for the purposes of treatment, payment, and operations. |
| contains facts, findings, and observations about a patient's health history | medical record |
| medical record cycle | begins with patient's first contact and continues through all treatments and services |
| are used in research and for education | medical records |
| electronic health records (EHRs) | computerized lifelong healthcare records for an individual that incorporates data from all sources that treat the individual. |
| electronic medical records (EMRs) | computerized records of one of physician's encounters with a patient over time that are the physician's legal record of patient care. |
| personal health records (PHRs) | private, secure electronic files that are created, maintained, and controlled by patients |
| problem-oriented medical record (POMR) | a common documentation structure |
| SOAP notes | subjective information from the patient | objective data (examination/test results) | assessment of the patient's diagnosis and plan, the intended course of treatment |
| history and physical (H&P) 4 types of information | 1. chief complaint 2. the H&P examination 3. the diagnosis 4. the treatment plan |
| HPI | history of the present illness |
| PMH | past medical history |
| ROS | review of systems |
| under the 21st century cures act, practices have how long to provide access to EHR information | within 30 days |
| any willing provider | a law that requires a managed care organization to accept all qualified physicians who wish to participate in its plan |
| AARA | American recovery and reinvestment act of 2009 (a.k.a.: stimulus package) |
| three parts of administrative simplification provisions | 1. HIPAA privacy rule 2. HIPAA security rule 3. HIPPA electronic transaction and code sets standards |
| business associates examples | law firms, outside medical billers, coders, transcriptionists, accountants, collection agencies, and vendors of PHRs |
| three types of covered entities | 1. health plans 2. healthcare clearinghouses 3. healthcare providers |
| the first comprehensive federal protection for the privacy of health information | HIPAA privacy rule |
| use of PHI | sharing or performing analysis WITHIN the entity that holds the information |
| disclosure of PHI | the release, transfer, and provision of access to or divulging of PHI OUTSIDE the entity holding the information |
| treatment | providing and coordinating the patient's medical care |
| payment | the exchange of information with health plans |
| healthcare operations | general business management functions |
| incidental use or disclosure | secondary use of patient information that cannot reasonably be prevented, is limited, and usually occurs as the result of another permitted use |
| HIPAA exemptions | coverage only for accident | disability income coverage | liability insurance | workers' comp | auto medical payment & liability | credit-only (mortgage insurance) | coverage for on-site medical clinics |
| DRS for a provider | the medical and billing records the provider maintains |
| DRS for a health plan | includes enrollment, payment, claim decisions, and medical management systems of the plan |
| authorization | 2. A health plan’s system of approving payment of benefits for services that satisfy the plan’s requirements for coverage; see preauthorization. |
| subpoena | an order of the court directing a party to appear and testify |
| subpoena duces tecum | directs the party to appear, testify, and bring specified documents or items. |
| backing up | the activity of copying files to another medium to be preserved in case the originals are no longer available due to accidental loss or ransomware |
| X12 837 | Healthcare Claims or Equivalent Encounter Information/Coordination of Benefits—coordination of benefits refers to an exchange of information between payers when a patient has more than one health plan |
| X12 276 | Healthcare Claim Status Inquiry |
| X12 270 | Eligibility for a Health Plan Inquiry |
| X12 278 | Referral Certification and Authorization |
| X12 835 | Healthcare Payment and Remittance Advice |
| X12 820 | Health Plan Premium Payments |
| X12 834 | Health Plan Enrollment and Disenrollment |
| HIPAA national identifiers | employers | healthcare providers | patients |
| identifiers | numbers of predetermined length and structure such as a person's SSN |
| healthcare common procedures coding system (HCPCS) | codes for other medical services |
| current dental terminology (CDT-4) | codes for dental services |
| physician's services: current procedural terminology (CPT) international classification of diseases, procedure coding system | codes for procedures or other actions taken to prevent, diagnose, treat, or manage diseases, injuries, and impairments |
| international classifications of diseases, 10th revision, clinical modification | codes for diseases, injuries, impairments, and other health-related problems |
| legacy numbers | older numbers |
| UPIN | unique physician identification |
| NPPES | national plan and provider enumerator system |
| CMP | civil money penalties |
| qui tam | whistle-blower cases |
| respondeat superior | an employer is responsible for an employee's actions |
| goals of compliance plan | prevent fraud & abuse | ensure compliance | defend the practice |
| parts of a compliance plan | consistent written policies & procedures | appointment of a compliance officer & committee | training | communication | disciplinary systems | auditing and monitoring | responding to & correcting errors |
| X12 277 | Healthcare Claim Status Response |
| X12 271 | Eligibility for a Health Plan Response |
| E/M service is usually documented with | chart notes |
| has the authority to authorize the release of a patient's medical information | a legally appointed representative or the patient |
| exceptions to the usual rules for releases of information | emergencies | court orders | workers' comp cases | self-pay | statutory reports | research |
| how HIPAA transactions standards labeled | number and name |
| gov't agency with authority to enforce HIPAA privacy rule | (OCR) office for civil rights |
Created by:
VA_MedCod3r