EHRS-FM IG

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1
0.14.0 - CI Build

ISO/HL7 10781 - Electronic Health Record System Functional Model, Release 2.1 - Local Development build (v0.14.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions

Glossary of Terms for the EHR-S FM (Informative)

Term Definition Reference
Access 1) obtain, open, inspect, review and/or make use of health data or information
2) specific type of interaction between a subject and an object that results in the flow of information from one to the other
CPRI, modified
ISO 21089:2018
GCST
Access control 1) means to ensure that access to assets is authorized and restricted based on business and security requirements
2) means to ensure that the resources of an electronic system can be accessed only by authorized entities in authorized ways
3) prevention of an unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner
ISO/IEC 27000:2009
ISO/IEC 2382-8:1998, modified
ISO 21089:2018
Accountability 1) property that ensures that the actions of an entity may be traced uniquely to that entity
2) obligation of an individual or organization to account for its activities, for completion of a deliverable or task, accept responsibility for those activities, deliverables or tasks, and to disclose the results in a transparent manner
ISO/IEC 2382-8:1998
ISO 7498-2:1998, modified
ISO 18308:2011
ISO 21089:2018
Accuracy (data) extent that recorded data reflect the actual underlying information ISO 21089:2018
Accurate correct; conformity to truth or to a standard or model Olsen, Jack E., Data Quality: The Accuracy Dimension, Morgan Kaufmann Publishers, San Francisco, CA, 2003
Merriam-Webster Dictionary
Active order Active – In a state of action.
Order – Request for a specific action.
America Heritage Dictionary, Second College Edition, 1991
Activity See health care activity
Actor (in the healthcare system) 1) human, organization, or a system entity that can participate in an action
2) with respect to an action, entity that participates in or observes that action
ISO/IEC 15414:2015, modified
ISO 21089:2018
Advanced Directive a legal document (such as a living will) signed by a competent person to provide guidance for medical and health-care decisions (such as the termination of life support or organ donation) in the event the person becomes incompetent to make such decisions Merriam-Webster
Adverse reaction a negative or unexpected reaction to a drug or medical procedure (a reaction can range from mild to life-threatening)
Adverse sensitivity a condition expected to result in undesirable physiologic reaction to an amount of a substance that would not produce a reaction in most individuals
After Action (review/report) a detailed critical summary or analysis of a past event (such as a clinical intervention) made for the purposes of re-assessing decisions and considering possible alternatives for future reference
Agent 1) (conscious) entity that takes conscious actions, such as an individual, organization, business unit
2) (delegated) entity that has been delegated (e.g. authority, a function) by and acts for another (in exercising the authority, performing the function)
3) (healthcare) individual, organization, business unit, medical device (e.g. instrument, monitor) and software (e.g. application) which a) performs a role in the provision of healthcare services and/or b) is accountable for actions related to, and/or c) ascribed in, the health record
4) (programmed) entity that takes programmed actions, such as software or a device
5) (responsible) entity that bears some form of responsibility for an activity taking place, for the existence of an entity, or for another agent's activity
ISO 21089:2018 (1,2,4,5)
CEN 12265:2014, modified (3)
Aggregate (Population Health context) the consolidation of information from cohorts of individuals, families, or other groupings that is associated because of similar social, personal, health care, or other needs or interests. Note: aggregate-level data is sometimes de-identified in the Population Health context.
Aggregate Data data that has been collected from two or more sources and combined into a single dataset
Aggregation process to combine standardized data and information
[SOURCE: JCAHO, modified]
ISO 21089:2018
JCAHO
Alert (used as noun) an indication from a system or device that a condition exists requiring assessment and possible action.
Allergy an exaggerated immune response or reaction to a substance that is generally not harmful. The manifestation of an allergy includes a variety of physiologic responses (e.g. rash, itching, hypotension, anaphylaxis) and can be dependent on the route of exposure (inhalation, skin contact, ingestion). MedLine Plus
US National Institute of Health/National Library of Medicine
Anonymize 1) process that removes the association between the identifying data set and the data subject
2) remove personally identifying particulars or characteristics from record content so that the original source or data subject cannot be known
ISO 21089:2018 (2)
API application program interface: set of routines, protocols, and tools for building software applications. An API specifies how software components should interact.
Appropriate suitable or proper in the circumstances
Architecture 1) structure of components, their inter-relationships, and the principles and guidelines governing their design and evolution over time
2) set of principles on which the logical structure and interrelationships to an organization and business context are based. Note: Software architecture is the result of software design activity
3) set of design artefacts or descriptive representations that are relevant for describing an object such that it can be produced to requirements (quality) as well as maintained over the period of its useful life (change)
The Open Group Architectural Framework (TOGAF):2009 (1)
ISO 21089:2018 (2)
Zachman - Enterprise Architecture: 1996 (3)
Archive 1) process of moving one or more EHR extracts to off-line storage in a way that ensures the possibility of restoring them to on-line storage when needed without loss of meaning. Wherever possible, archived data should be technology-independent so that future users do not have dependencies on obsolete technology from the past
2) create, update or move an archive artifact with health record content for long-term, typically offline storage, external to the source system
ISO 18308:2011 (1)
ISO 21089:2018 (2)
Assessment 1) (in medicine and nursing) an evaluation or appraisal of a condition
2) the process of making such an evaluation
3) (in a problem-oriented medical record) an examiner's evaluation of the disease or condition based on the patient's subjective report of the symptoms and course of the illness or condition and the examiner's objective findings, including data obtained through laboratory tests, physical examination, medical history, and information reported by family members and other health care team members.
Mosby's Medical Dictionary:2009
Associate To maintain data by updating it in such a way as to draw connections between disparate data; to establish/maintain a relationship between two or more entities
Assurance 1) (surety) grounds for surety, certainty or confidence about something
2) (security) grounds for confidence that an entity meets its claimed level of protection, including security objectives
3) (system services) development, documentation, testing, procedural and operational activities carried out to ensure a system's services do in fact provide the claimed level of function, performance and usability
ISO/IEC 15408-1:2009, modified (1)
OMG, modified (2,3)
Atomic Data Elements indivisible units of data
Attest, Attestation 1) affirm, certify and/or authenticate a specific unit of information is true and genuine
2) (authenticity/accuracy) declare that record entry content exists, is authentic, accurate and true and therefore that it can be trusted
3) (completion) declare that record entry content exists and is complete for the purpose intended
4) (evidentiary) provide or serve as clear evidence of and thus certify and record applicable administrative (or “legal”) responsibility for a particular unit of information
ISO 21089:2018 (2,3,4)
Audit 1) mechanism employed to record and examine activities of an agent
2) systematic and independent examination of accesses, additions, or alterations to electronic health records to determine whether the activities were conducted, and the data were collected, used, retained or disclosed according to organizational standard operating procedures, policies, good clinical practice, and/or applicable regulatory requirement(s), and to recommend necessary changes in controls, policies or procedures
ISO 21089:2018 (1)
Audit Trail 1) (evidence of information operations) record that captures details such as additions, deletions, or alterations of information in an electronic record without obliterating the original record. An audit trail facilitates the reconstruction of the history of such actions relating to the electronic record.
2) (evidence of resource utilization) record of the resources which were accessed and/or used by whom
3) (evidence of system use/activities) chronological record of system activities that is sufficient to enable the reconstruction, reviewing and examination of the sequence of environments and activities surrounding or leading to an operation, a procedure, or an event in a transaction from its inception to final results
ISO 7498-2:1998 (2)
GCST (3)
Authentic 1) (object, entity, record) is what it purports to be; genuine and of undisputed origin; bona fide; based on facts, accurate and reliable
2) genuine; true; having the character and authority of an original; duly vested with all necessary formalities and legally attested; competent, credible, and reliable as evidence
3) object state or status, deemed present (authentic) or non-present (not authentic), on the basis of a given data object’s responses to conformance testing on three questions:
a. what does the object provider purport the object to be?
b. what is the specification for that object?
c. what means are offered to verify that 1=2?
ISO 21089:2018 (1)
Downing v. Brown, 3 Colo. 590 (2)
thelawdictionary.org (2)
Altiglieri, et al, in “Diagnosing and Treating Legal Ailments of the Electronic Health Record: Toward an Efficient and Trustworthy Process for Information Discovery
and Release” in The Sedona Conference Journal, Summer 2017, p. 233 (3)
Authenticate, Authentication 1) process proving something is real, true, or genuine
2) (data) process of verification of the integrity of data that have been captured, stored or transmitted
3) (data source) process of corroboration that the source of data received is as claimed
4) (identity of entity) process to provide assurance regarding the claimed identity of an entity (e.g. subject, user, author)
5) (health record entries) process to verify that an entry exists, is complete, accurate and final
6) (object) process to assure the identity of an object
7) satisfaction of the requirement of authenticating or identifying an item of evidence, where the proponent must produce evidence sufficient to support a finding that the item is what the proponent claims it is
ISO 21089:2018 (1,2,3)
ISO/IEC 10181-2:1996, modified (4)
JCAHO, modified (5)
ASTM E1762: 2013, modified (6)
US Federal Rules of Evidence (7)
Authority body that has legal powers and rights ISO/IEC 2382-8:1998
Authorize, Authorization 1) granting of rights, which includes granting of privileges to access data and functions
2) prescription that a particular behaviour must not be prevented
ISO 7498-2:1998, modified (1)
ISO/IEC 15414:2015 (2)
Authorized User user who may, in accordance with the Security Policy, perform an operation ISO/IEC 15408:1999
Automatically qualifier used to indicate that the action will be done by the system, independently of any user intervention
Auto-Populate system process that automatically fills in input fields with data that are already known/available within the systems database
Availability 1) (accessibility/usability) property of being accessible and useable upon demand by an authorized entity
2) (non-concealment) prevention of the unauthorized withholding of information or resources
ISO 7498 2:1998 (1)
ITSEC (2)
Background Process system processes running behind the scene without human initiation, interaction or intervention. Sometimes employed to perform certain maintenance activities. Oracle Database Administrator Guidance, modified
Backup a copy of data for the specific intent of ensuring its preservation and possible restoration in case the original is lost, corrupted, or destroyed
Behavioral Healthcare range of services for individuals at risk of, or suffering from mental, addictive, or other behavioral health disorders SAMHSA
Best practice practices that incorporate the best objective information currently available regarding effectiveness and acceptability SAMHSA
Bind, Binding process of associating two related elements of information. Examples: a) one may bind an author's (digital) signature to the corresponding health record content created by that author; b) one may bind certain metadata to an electronic document; c) one may bind a certain laboratory results (report) to a corresponding laboratory order.
Boundaries border or limit
Business Rule statement that defines or constrains some aspect of the business, intended to assert business structure, or to control or influence the behavior of the business. Examples include (but are not limited to) coding, billing, claim filing and reimbursement, resource management (personnel, beds, supplies, equipment), workflow optimization, and clinical decision support. The Business Rules Group:2013
Business Unit discrete and accountable function or sub-function within an organization. Example: A business unit can include a department, service or specialty within a healthcare provider organization. ISO 21089:2018
Care provision of accommodations, comfort and treatment to an individual subject of care (patient); also implying responsibility for safety JCAHO
Care Guidelines (synonymous with Health Care Guidelines) 1) recommendations offered by a care giver to a patient
2) recommendations recognized by care providers as being appropriate. In general, care guidelines are based on expert knowledge of assessing, treating and/or managing a particular medical condition.
US Agency for Health Research and Quality
Care Plan, Treatment Plan tool used by clinicians to plan and coordinate care for an individual patient that aids in understanding and coordinating the actions that need to be performed for the subject of care (patient)
Care Process task or set of tasks that is/are clinically-oriented; typically comprised of care planning, care delivery, and follow up tasks
Care Team group of individuals who provide health care to an individual for a given health care episode, health care setting or with regard to a health condition
Cascade something arranged or occurring in a series or in a succession of stages typically such that each stage derives from or acts upon the product of the preceding
Chain-of-Trust Agreement statement of requirements that certain administrative procedures will be implemented to guard the integrity, confidentiality and availability of sensitive data, where the sender and receiver agree to protect the data electronically transmitted between them
Change Log, Change Histry record of revisions/updates that have occurred over time; a log that can serve as an audit record for activity in a file or record system
Chronicity attributes or dimensions that could be associated with a chronic condition, including: a) time period (e.g., childhood, pubescence, constant); b) duration of condition (e.g., brief, extended, sustained, habitual); c) duration of episode (e.g., sleeping hours, self-limiting, consistent); d) level (e.g., mild, moderate, or severe condition or pain); e) and/or periodicity or frequency (e.g., a seasonal allergy).
Clinical Decision Support 1) use of data to discover, guide and/or justify the proper course of care (or interventions) to support health and health care activities
2) type of system or algorithm (logic) that assists health care providers in making clinical decisions

Clinical Document, Clinical Documentation 1) documents (records) created in the course of supporting health and providing health care serices; may be used in support of clinical decisions
2) documentation of clinical observations and services, with the following characteristics: a) persistence (a clinical document continues to exist in an unaltered state, for a time period defined by local and regulatory requirements); b) stewardship (a clinical document is maintained by a person or organization entrusted with its care); c) potential for authentication (a clinical document is an assemblage of information that may be legally authenticated); d) wholeness – (authentication of a clinical document applies to the whole and does not apply to portions of the document without the full context of the document); e) human readability (a clinical document is human readable)

Clinical image non-textual, pictorial depiction of clinical information (e.g., a radiograph, picture, video, or waveform)
Clinical information data related to the health/health care of an individual collected from or about an individual receiving health care services. It may include a caregiver’s objective measurement or subjective evaluation of a patient’s physical or mental state of health; descriptions of an individual’s health history and family health history; diagnostic studies; decision rationale; descriptions of procedures performed; findings; therapeutic interventions; medications prescribed; description of responses to treatment; prognostic statements; and descriptions of socio-economic and environmental factors related to the patient’s health. CPRI:1996
ASTM 1769:1997
Clinical Practice Guideline (CPG) statement that includes recommendations intended to optimize patient care. It is informed by a systematic review of evidence and an assessment of the benefits and harms of alternative care options. Board on Health Care Services, US Institute of Medicine (IOM), National Academies of Science:2011
Clinical process the set of interrelated or interacting health care activities performed by one or more health care professionals ISO 18308:2011
Clinician health professional who delivers health services directly to a patient/client ISO 12773-1:2009
Clinical tasks discrete health and health care actions whose results are recorded in clinical documents
Code set(s) group of keys or indices used for encoding data elements, such as tables of terms, medical concepts (e.g., medical diagnostic codes or medical procedure codes) HIPAA:1996, modified
ISO 21089:2018
Coding system organized, managed collection of codes, each of which has associated designations, meanings and in some cases relationships, properties or rules HL7 Vocabulary Work Group, modified
Coding Scheme collection of rules that maps the elements of one set on to the elements of a second set. Note: The two sets considered here are: a) a set of ‘code meanings’ (or ‘coded set’), and b) a set of ‘code values’ (or ‘code set’). Those sets are not, per se, part of the coding scheme. ISO 18308:2011
ISO/IEC 2382-4:1999
Coded references a vocabulary, code set or value set (e.g., SNOMED, LOINC)
Cohort 1) group of individuals who share a common exposure, experience or characteristic
2) study group of individuals, some of whom are exposed to a variable of interest, in which subjects are followed over time. Cohort studies can be prospective or retrospective.
American Medical Association
Compendium (in the context of Pharmacy) collected body of information detailing the standards of strength, purity, and quality of drugs
Complete Health Record final, assembled and authenticated, health record for an individual. A health record is complete when a) its contents reflect the diagnosis, results of diagnostic tests, therapy rendered, condition and progress (of the subject of care), and condition (of the subject of care) at discharge, and b) its contents, including any required clinical résumé or final progress notes, are assembled and authenticated, and all final diagnoses and any complications are recorded without use of symbols or abbreviations. JCAHO
ISO 21089:2018
Completeness (record) extent to which relevant records are present and the fields in each record are populated appropriately ISO 21089:2018
Concept unit of knowledge created by a unique combination of characteristics ISO 18308:2011
ISO 1087-1:2000
Confidentiality 1) (not disclosed) property that information is not made available or disclosed to unauthorized individuals, entities or processes
2) (controlled release) condition in which information is shared or released in a controlled manner
3) (labeling) status accorded to data or information indicating that it is sensitive for some reason, and that therefore it needs to be protected against theft or improper use and must be disseminated only to individuals or organizations authorized to have it
4) (need to know) restriction of access to data and information to individuals who have a need, a reason and permission for access
ISO 13606-4:2019, modified (1)
US National Research Council (2)
US Office of Technology Assessment (3)
JCAHO (4)
Conform to comply. Note: The verb ‘Conform’ is used with a special meaning in the FM and is not part of the Verb Hierarchy. Instead it is a special instruction for including the functional requirements of one function in another function. For example: “The system SHALL conform to function TI.1.1 (Entity Authentication)...”.
Conformance fulfillment of specified requirements by a product, process, or service. HL7 EHR-S/PHR-S Functional Model Chapter 2: Conformance Clause
Conformance Criteria statements of requirement indicating the behavior, action, capability that constitutes implementation of the function HL7 EHR-S/PHR-S Functional Model Chapter 2: Conformance Clause
Conformance clause section of a specification that defines the requirements, criteria, or conditions to be satisfied in order to claim conformance HL7 EHR-S/PHR-S Functional Model Chapter 2: Conformance Clause
Conformance statement statement associated with a specific implementation of a profile of the EHR-S or PHR-S Functional Model. HL7 EHR-S/PHR-S Functional Model Chapter 2: Conformance Clause
Consent, Informed Consent 1) agreement, approval, or permission as to some act or purpose given voluntarily by a competent person
2) communication process between the caregiver and the (subject of care), and which may refer to consent for treatment, special procedures, release of information and advance directives [which give instructions regarding the (subject of care's) wishes in special medical situations]
3) voluntary agreement with what is being done or proposed (express or implied)
ISO 18308:2011 (1)
CPRI (2)
Canadian Institute for Health Information (CIHI) (3)
Consumer (in relation to healthcare services) 1) individual who may become a subject of care
2) person who is the receiver of health-related services and who is an actor in a health information system
3) person requiring, scheduled to receive, receiving or having received a healthcare service
ISO 12773-1:2009 (1)
Continuity of Care component of patient care quality consisting of the degree to which the care needed by a patient is coordinated among practitioners and across organizations and time ISO 21089:2018
Credentials 1) (identity) data that are transferred to establish the claimed identity of an entity
2) (healthcare practice) documented evidence of (a healthcare professional's) licensure, education, training, experience, or other qualifications
ISO/IEC 2382:2015 (1)
JCAHO (2)
Criteria expected level(s) of achievement, or specifications against which performance can be assessed JCAHO
Critical Value, Panic Value diagnostic result (e.g., from laboratory, radiology, pathology) on a patient that must be reported immediately to the care provider and which may require urgent therapeutic action or intervention
Current medication 1) medication that a patient is actively using, either on a regular basis or on an ad hoc basis (e.g., “two pills as needed for pain”)
2) medication that has been dispensed to a patient and whose administration has not yet been completed according to the medication’s intended duration, dose, frequency, and quantity

Dashboard user interface based on predetermined reports, indicators and data fields, upon which the end user can apply filters and graphical display methods to answer pre-determined business questions, which is often intuitive and suited to regular use with minimal training
Data (healthcare) information elements which are input, stored, processed or output by the automated information system which support the clinical and business functions of a healthcare organization
Data aggregation process by which data is collected, manipulated and expressed in summary form to provide information. Data aggregation is primarily performed for reporting purposes, policy development, health service management, research, statistical analysis, and population health studies. ISO TS 18308:2011
Data Attribute, Data Element, Data Item single unit of data that in a certain context is considered indivisible ISO 21089:2018
Data Consistency for the uses intended, subject (data) elements that are clear and well defined enough to yield similar results in similar analyses ISO 21089:2018
Data Enterer A person who transfers content, written or dictated by someone else, into a clinical document. The guiding rule of thumb is that an author provides the content found within the header or body of the document, subject to their own interpretation, and the Data Enterer adds that information to the electronic system. In other words, a Data Enterer transfers information from one source to another (e.g. transcription from paper form to electronic system).
Data Integrity 1) (non-alteration) property that data has not been altered or destroyed in an unauthorized manner
2) (wholeness) accuracy, consistency and completeness of data/record content
ISO 7498-2:1998 (1)
JCAHO, modified (2)
Data Quality 1) degree to which a given data set satisfies the requirements of its intended use
2) aggregate construct composed of conformance with end-use requirements including specifications for accurate, timely, relevant, complete, understood, and trusted
3) fitness for use for a particular task
4) conformance with a specification for a defined end-use
Olsen, Jack E., Data Quality: The Accuracy Dimension, Morgan Kaufmann Publishers, San Francisco, CA, 2003 (1,2)
Kahn, MG, Raebel, MA, Glanz, JM, Riedlinger, K and Steiner, JF. A Pragmatic Framework for Single-site and Multisite Data Quality Assessment in Electronic Health Record-based Clinical Research. Med Care. 2012 (3)
Data Reliability for the uses intended, subject (data) elements that demonstrate accuracy, completeness, integrity, stability, repeatability and precision JCAHO, modified
Data Transmission sending of data or information from one location to another location; exchange of data between person and program, or program and program, when the sender and receiver are remote from each other CPRI
JCAHO
Data Validity, Data Validation 1) process used to determine if data are accurate, complete, or meet specified criteria. Note: Data validation may include format checks, completeness checks, check key tests, reasonableness checks, and limit checks
2) verification of correctness (reflecting the true situation)
ISO/IEC 2382-8:1998 (1)
JCAHO (2)
Decision support system See "Clinical Decision Support"
Decrypt, Decryption 1) process of making encrypted data reappear in its original unencrypted form; reversal of a corresponding reversible encipherment
2) decode or render information readable by algorithmically transforming ciphertext into plaintext
ISO 7498-2:1989 (1)
HL7 v3 ObligationPolicy value set, modified (2)
De-identification process of removing the association between a set of identifying data and the data subject ISO 25237:2008
Delegate give authority, function, or responsibility to another ISO/IEC 15414:2015, modified
Demographic Data data related to identifying an individual (such as name, date of birth, age, gender, etc.). May also include emergency and other types of contact information for the individual and administrative data (such as health insurance eligibility)
Deprecate (data/record content) designate data/record content as obsolete, erroneous or untrustworthy, as indication against its future use ISO 21089:2018
Derived profile profile created from an existing profile HL7 EHR-S Functional Model Chapter 2: Conformance Clause
Destroy (data/record content) purge or expunge data/record content stored in electronic or magnetic media, typically based on explicit criteria, so that it is completely unreadable and cannot be accessed or used ISO 21089:2018
Digital Signature 1) electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified
2) data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data unit to prove the source, signer and integrity of the data unit and protect against forgery; this term is usually reserved for digital values or checksums calculated using asymmetric techniques, where only the originator of the message can generate the digital signature but many people can verify it
HIPAA (1)
ISO 7498-2:1998, modified (2)
Directive instruction how to proceed or act
Directory index or catalog of entities (e.g., individuals or organizations)
Disable-Access

Disclose release, transfer, provision of access to, or divulging in any other manner of information outside the entity holding the information HIPAA
Disclosure (health information) release of information to third parties within or outside the healthcare provider organization from an individual's (health) record with or without the consent of the individual to whom the record pertains CPRI
Disease management system of coordinated healthcare interventions and communications for persons and populations with particular sickness, illness or ailment
Discrete capture (data) input of an individual item of data
Discrete data data that contains distinct or separate values
Dispense (a medication) [See "Fill (a prescription or a medication order)"]
Document See "Clinical Document"
Documentation process of recording information in the (health) record JCAHO
Download to copy or move programs or information into a computer's memory, especially from a large datastore or the internet
Effectiveness (of care) degree to which the care is provided in the correct manner, given the current state of knowledge, to achieve the desired or projected outcome for the subject of care (patient) JCAHO
e.g. for example ("exempli fratia" in Latin)
EHR electronic health record

See "Electronic Health Record"

EHR-S FM HL7 Electronic Health Record System Functional Model
Electronic Health Record 1) comprehensive, structured set of clinical, demographic, environmental, social, and financial data and information in electronic form, documenting the health care given to a single individual
2) Information relevant to the wellness, health and health care of an individual, in computer-processable form and represented according to a standardized information model
3) repository of (organized sets of) information regarding the health of a subject of care, in computer processable form
4) a virtual compilation of non-redundant health data about a person across a lifetime, including facts, observations, interpretations, plans, actions, and outcomes. Health data include information on allergies, history of illness and injury, functional status, diagnostic studies, assessments, orders, consultation reports, treatment records, etc. Health data also include wellness data such as immunization history, behavioural data, environmental information, demographics, health insurance, administrative data for care delivery processes, and legal data such as consents
ASTM E1769:1995 (1)
ISO 18308:2011 (2)
ISO 20514:2015, modified (3)
CPRI:1995 (4)
Electronic Health Record Architecture generic structural components from which all EHRs are built, defined in terms of an information model ISO 18308:2011
Electronic Health Record System system for recording, retrieving and handling information in electronic health records ISO 18308:2011
ISO 13606-1:2019
Electronic Consult (e-Consult), Teleconsultation healthcare consultation carried out remotely using audiovisual telecommunications between doctor and subject of care (patient)
Electronic Referral (e-Referral), Tele-referral an act of referring someone (typically to a specialist) for consultation, review, or further action via an electronic service
Electronic Signature (e-Signature) electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the contract or record
Employer in occupational health, the company, organization, or individual that provides compensation (either direct or indirect) for a job, as reported by the person. HL7 Occupational Data for Health Project
Employment Status in occupational health, a person's self-reported, coded economic relationship to work (e.g. having one or more jobs) for a specified time period. Generally, employment status refers to whether or not a person has at least one job (i.e., is working for compensation), unemployed (i.e., searching for work for compensation), or not in the labor force (e.g., disabled, chooses not to work, etc.). HL7 Occupational Data for Health Project
Encounter interaction between a subject of care (patient) and care provider(s) for the purpose of obtaining and/or providing healthcare-related service(s)
Encrypt encode or render information unreadable by algorithmically transforming plaintext into ciphertext where data are temporarily re-arranged into an unreadable or unintelligible form for confidentiality, transmission, or other security purposes HL7 Version 3 Standard: Security and Privacy Ontology, Release 1, modified
Encryption process of encoding a message so that its meaning is not obvious US Office of Technology Assessment
Enterprise commercial or industrial activity or organization or business that has specific social objectives that serve its primary purpose
Entity 1) physical, digital, conceptual, or other kind of thing with some fixed aspects, such as a person, body, or object
2) something or someone that has a separate, distinct and identifiable existence; something or someone that has a unique identity (e.g., a person, an organization)
W3C, modified (1)
Entry [See "Record Entry"]
Event 1) noteworthy occurrence that has a location in time and space
2) (patient) anything that takes place or happens to the patient or is related to the patient, especially something important such as an incident (e.g. adverse event), procedure or diagnosis
3) (trigger) stimulus that causes a noteworthy change in the state of an object, or a signal that invokes the behaviour of an object
HL7 Reference Information Model (3)
Evidence 1) (demonstrate truth) everything that is used to determine or demonstrate the truth of an assertion
2) (fulfill burden of proof) currency by which one fulfills the burden of proof
ISO 21089:2018
Exchange (information) act of people and organizations passing information from one to another, especially electronically
Explicit Consent permission that is freely and directly given, expressed either viva voice or in writing. ISO 18308:2011
Externally-Sourced (information) Refers to an information object captured from outside the immediate system (e.g., EHR system), e.g., faxes, referral authorizations, consultant reports, laboratory results, encounter notes from another healthcare organization
Extract 1) select, copy out or cite a set of health data/record content, typically based on explicit criteria
2) remove for separate consideration or publication.
ISO 21089:2018
Family History record of health information about a subject of care's (patient's) close relatives; including e.g., disorders, environment, lifestyle, age at and cause of death
Fast Track route, course, or method that provides for more rapid results than usual
Fetal Death Death prior to the complete expulsion or extraction from its mother of a product of human conception, irrespective of the duration of pregnancy and which is not an induced termination of pregnancy. The death is indicated by the fact that after such expulsion or extraction, the fetus does not breathe or show any other evidence of life, such as beating of the heart, pulsation of the umbilical cord, or definite movement of voluntary muscles.
Fill (a prescription or a medication order) assign, count, label, and disburse/transport dose(s) of a medication in preparation for administration to a subject of care (patient). Note: In the FM the term "fill" represents the combined notions of medication filling and prescription.
Filter ability to programmatically separate and constrain data into specific value sets
Flow Sheet tabular summary of information that is arranged to display the values of variables as they change over time CEN TC251
FM functional model, (i.e., HL7 Electronic Health Record System Functional Model, HL7 Personal Health Record Functional Model)
Formulary preferred list of drug products that typically limits the number of medications available within a therapeutic class for purposes of purchasing, ordering, dispensing, administration and reimbursement. A government body, third-party insurer or health plan, or a provider organization may compile a formulary and its constraints may be mandatory.
Function 1) computation which takes some arguments or inputs and yields an output; any particular input yields the same output every time.
2) subroutine (software process) which returns a value

Generic Orders general diagnostic or treatment orders
Genotype 1) genetic makeup, as distinguished from the physical appearance, of an organism or a group of organisms
2) combination of alleles located on homologous chromosomes that determines a specific characteristic or trait
American Heritage Science Dictionary:2005
Genetic Disorder (also Genetic Illness, Inherited Disorder) disease or condition caused by an absent or defective gene or by a chromosomal aberration (e.g., Down Syndrome) American Heritage Science Dictionary:2005
Guidelines 1) indication or outline of recommendations (e.g., for use/guidance in clinical practice)
2) systematically developed statements to assist practitioner and patient decisions about appropriate health care for specific clinical circumstances

Health Care, Healthcare activities, services, or supplies related to the health of an individual, including: a) preventative, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care, counselling, service, or procedure with respect to the physical or mental condition, or functional status, of a patient or affecting the structure or function of the body; b) sale or dispensing of a drug, device, equipment, or other item pursuant to a prescription; or c) procurement or banking of blood, sperm, organs, or any other tissue for administration to patients HIPAA
ISO 18308:2011
ISO 21089:2018
Health Care Activity, Healthcare Activity undertakings (such as assessments, interventions) that comprise a healthcare service ISO 12773-1:2009
Health Care Agent, Healthcare Agent See "Agent"
Health Care Informatics, Healthcare Informatics scientific discipline that is concerned with the cognitive, information processing and communication tasks of healthcare practice, education and research, including the information science and technology to support these tasks Directory of the European Standardization Requirements for Healthcare Informatics and Telematics v2.1
Health Care Organization, Healthcare Organization See "Health Care Provider"
Health Care Party, Healthcare Party Individual or organization involved in the process of health care ISO 18308:2011
Health Care Professional, Healthcare Professional 1) (care provision) individual who is entrusted with the direct or indirect provision of defined healthcare services to an individual subject of care or to populations
2) (qualification) person that is authorized by a nationally recognized body to be qualified to perform certain health services. Note: The types of registering or accrediting bodies differ in different countries and for different professions. Nationally recognized bodies include local or regional governmental agencies, independent professional associations and other formally and nationally recognized organizations. They may be exclusive or non-exclusive in their territory. Examples of health professionals are physicians, registered nurses and pharmacists.
ISO 21089:2018, modified (1,2)
CEN 1613:1994, modified (1,2)
Health Care Provider, Healthcare Provider 1) individual or organization licensed, certified or otherwise authorized or permitted to, directly or indirectly, administer or provide health care services, to individuals (patients) or populations, in the ordinary course of business or practice of a profession, including a health care facility
2) generic term used to describe many types of organizations that provide healthcare services
ISO 13606-4:2019, modified (1)
ISO 18307:2001, modified (2)
JCAHO, modified (2)
Health Care Service, Healthcare Service service provided (by a health care provider) with the intention of directly or indirectly improving the health of the person or populations to whom it is provided ISO 12773-1:2009
Health Condition aspect of a person or group’s health that may require some form of intervention. Note: These interventions could be anticipatory or prospective, such as enhancing wellness, wellness promotion or illness prevention (e.g., immunization), also symptoms, health problems (not yet diagnosed), diagnoses (known or provisional), e.g., a) diabetes, or physiological changes that affect the body as a whole or one or more of its parts, b) benign positional vertigo, and/or affect the person’s well-being, c) psychosis, and/or affect the person’s usual physiological state, d) pregnancy, lactation. ISO 12773-1:2009
Health Information 1) information about a person relevant to his or her health
2) any information, whether oral or recorded in any form or medium, that a) is created or received by a healthcare provider, health plan, public health authority, employer, life insurer, school or university, or healthcare clearing-house; and b) relates to the past, present, or future physical or mental health or condition of an individual; the provision of healthcare to an individual; or the past, present, or future payment for the provision of healthcare to an individual
ISO 18308:2011 (1)
HIPAA (2)
Health Insurance Carrier, Health Plan, Payer individual or group plan that provides, or pays the cost of, medical care; may be public or private entity HIPAA, modified
Health Issue concern or situation related to the health of a subject of care, as identified or stated by a specific health care party ISO 18308:2011, modified
Health Record account compiled by healthcare providers of a variety of subject of care (patient) health information, such as assessment findings, treatment details and progress notes JCAHO, modified
Health Record Entry See "Record Entry"
Health-related Factors, Social Determinants of Health 1) circumstances, influences, causes or issues that affect or describe a patient’s ability to receive or respond to treatment, or maintain wellness (including physical, mental, social, spiritual, community, and/or economic dimensions). A patient's strengths (positive factors) or weaknesses (negative factors) may impact a patient's care or recovery and may be recorded as part of the EHR to support the development of care plans and treatment options (e.g. coverage by insurance (typically a positive factor) versus unemployment (typically a negative factor). Examples of factors include: family support, financial support, health insurance levels, good overall health, employment status/type, access to care, and education level. Heath-related factors may be included in a patient’s problem list (e.g. ambulatory status, or addictions).
2) conditions in the places where people live, learn, work, and play affect a wide range of health risks and outcomes
CDC:2018 (2)
Identifier 1) (claimed) piece of information used to claim an identity, before a potential corroboration by a corresponding authenticator
2) (unique) identity information that unambiguously distinguishes one entity from another one in a given identity domain
ISO 13606-1:2019, modified (1)
ISO 21089:2018
i.e. that is to say or in other words ("id est" in Latin)
Immunization History history of immunization (vaccination) events for a subject of care (patient)
Implied Consent consent inferred from signs, actions, or facts, or by inaction or silence ISO 18308:2011
Including indicates a minimum set of values or options which must be instantiated
Indelible impossible to remove or erase ISO 21089:2018
Individually Identifiable Health Information information, including demographic information collected from an individual, that a) is created or received by a healthcare provider, health plan employer, or healthcare clearing-house; and b) relates to the past, present or future physical or mental health or condition of an individual, the provision of healthcare to an individual, or the past, present, or future payment for the provision of healthcare to an individual, and i) identifies the individual, or ii) with respect to which there is a reasonable basis to believe that the information can be used to identify the individual HIPAA
Industry in occupational health, self-reported title (with associated code) that identifies the kind of business (i.e., primary business activity), conducted by a person's employer. HL7 Occupational Data for Health Project
Information interpreted set(s) of data that can assist in decision making; data to which meaning is assigned, according to context and assumed conventions JCAHO, modified
US National Security Council, modified
Integrity (message) proof that message content has not altered, deliberately or accidentally in any way, during transmission

See also "Data Integrity"
ISO/IEC 7498-2:1998
Interchange standards standards specifying the form(s), method(s) and mechanisms by which information, typically electronic data, are exchanged
Internet Engineering Task Force (IETF) large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet
Interoperability 1) (semantic) ability of different information technology systems and software applications to communicate, exchange data, and use the information that has been exchanged
2) (standards-based) ability for data to be shared across clinicians, laboratory, hospital, pharmacy and patient, facilitated by data exchange schema and standards, regardless of the application or application vendor; also, ability of health information systems to work together within and across organizational boundaries in order to advance the health status of, and the effective delivery of healthcare for, individuals and communities.
IEEE:1990, modified (1)
ISO 21089:2018 (1,2)
Interoperate, Interoperation coordinate information, services, and/or functionality among systems
Interpretation conclusion that a health care provider (or possibly machine - in the form of clinical decision support) comes to based upon knowledge and scrutiny/analysis of information available (e.g., in the course of diagnosis/treatment of a subject's (patient's) condition
Intervention 1) action(s) whose purpose is to improve health or to alter the course of a disease
3) action(s) taken to maximize the prospects of achieving goals of care, including the removal of barriers to success

Input mechanism approach, typically utilizing a user interaction device, for data input, (e.g., keyboard and mouse)
Intolerance non-immunological adverse physiological sensitivity to a substance; may be manifest by an inability to endure, withstand, absorb, or metabolize a substance (e.g. lactose)
Jurisdictional Law statute and/or legal requirement of a domain or realm
Legal Hold, Litigation Hold operation that tags or otherwise cues special access management and destruction suspension for Record Entries deemed relevant, consistent with organization policy under the legal doctrine of “duty to preserve”, also notifying records owners and other designated parties of the special data controls on access, retention, and destruction processes ISO 21089:2018
Legal Hold Release, Litigation Hold Release operation that untags or otherwise removes cues for special access management and destruction suspension for record entries as organization policy had required under the legal doctrine of “duty to preserve”, also notifying records owners and other designated parties of the release of special data controls and that the organization will resume normal data retention and destruction processes; provide notification to the records owners of the release of data and that the organization will resume normal data retention and destruction processes ISO 21089:2018
Lifecycle (record entry) stages during the lifespan of a health record entry instance ISO 21089:2018
Lifecycle Event (record entry) operation occurring during the course of record entry instance lifespan such as: originate, retain, amend (update), attest, exchange (transmit, receipt), access/view ISO 21089:2018
Lifespan (record entry) period of time from the point of record entry instance origination to the point of record entry instance loss, destruction or deletion ISO 21089:2018
Link (record entries) perform an operation that connects (establish a relationship between) two or more separate but related health records so that access or use of one necessarily means equal access to ability to use of all the connected records ISO 21089:2018
Logical Record reference to a data record that is independent of its physical location; may be physically stored in two or more locations
Longitudinal Personal Health Record, Lifetime Personal Health Record permanent, coordinated record of significant information, in chronological sequence; may include all historical data collected or be retrieved as a user designated synopsis of significant demographic, genetic, clinical and environmental facts and events maintained within an automated system ASTM E1384:2013
Maintain keep, preserve and support
Manage take charge of; master
Management conducting, administering, supervising
Mask. Masking 1) conceal from view, disguise or hide
2) process of obscuring (masking) specific data elements within data stores. It ensures that sensitive data is replaced with realistic but not real data. The goal is that sensitive customer information is not available outside of the authorized environment. Effective data masking requires data to be altered in a way that the actual values cannot be determined or reengineered, functional appearance is maintained, so effective testing is possible.

Master File dataset containing definitional entries in common across system, business units and, in some cases, organizational boundaries (e.g., master files may include data group and attribute definitions, security policy and domain definitions, security classification and clearance definitions, healthcare service definitions, care protocol definitions) ISO 21089:2018
Master Patient Index catalog within a given healthcare organization which serves as a directory to patients (subjects of care) CPRI, modified
MAY indicates an optional, permissible action
Measure collect quantifiable data about a function or process JCAHO
Medical relating to the study or practice of medicine
Medication reconciliation comprehensive evaluation of a patient’s medication regimen any time there is a change in therapy in an effort to avoid medication errors (e.g., omissions, duplications, dosing errors, or drug interactions), and to observe the patient’s medication compliance and adherence patterns. The medication reconciliation process should include a comparison of the existing and previous medication regimens and should occur at every transition of care in which new medications are ordered, existing orders are rewritten, existing orders are adjusted, or if the patient has added nonprescription medications to [his or her] self-care. American Pharmacists Association
Merge (record entries) perform an operation that combines or joins the content of two or more health records, resulting in a single logical record entry (e.g., includes health records found to be registered as separate patients but are really one) ISO 21089:2018
Message logically ordered dataset designed to communicate essential information between systems ISO 21089:2018
Messaging Standard in the context of Health IT, specifies the structure and format of electronic data exchange, enabling disparate healthcare applications to exchange key sets of clinical and administrative data HL7
Metadata data that define and describes other data ISO/IEC 11179-3:2003
ISO 1087-1:2000
Need-to-Know requirement for access to, knowledge, or possession of the classified information in order to perform tasks, functions or services ISO/IEC 2382:2015, modified
Network electronic data transmission facility which can comprise just a point-to-point wire link between two devices, or a complex arrangement of transmission lines ISO 21089:2018
Non-repudiation (of origination, of submission, of receipt) service that provides proof of the integrity and source of data (both in an unforgeable relationship) and that only the signer could have created the associated signature, which can be verified by any party ASTM E1762:2013, modified
Notes brief record of facts, topics, or thoughts, often captured as an aid to memory; clinical documents are forms of clinical notes
Notice, Notification information presented or transmitted to an interested party; may not require recipient's action or response
Obfuscation action of making something obscure, unclear, or unintelligible
Occupation in occupational health, self-reported title (with an associated code) that identifies a person's type of work, i.e., the set of activities or tasks that a person is paid to perform or, if unpaid, the person’s contribution to a household/family business/community HL7 Occupational Data for Health Project
On-Demand as soon as or whenever required
Order prescription of a qualified health care professional regarding diagnostic testing and/or treatment of a subject of care (patient)
Order sets 1) pre-defined template that provides support in making clinical decisions for a specific condition or medical procedure
2) a grouping of orders that standardizes and expedites the ordering process for a common clinical scenario

Originate (record entry) create or initiate an entry in a persistent datastore, such as an electronic or personal health record (EHR/PHR) ISO 21089:2018
Organization unique framework of authority within which a person or persons act, or are designated to act towards the same purpose ISO 6523:1998
Organizational Policy generally adopted by a governance body within an organization:
1) deliberate system of principles to guide decisions and achieve rational outcomes
2) statement of intent, typically implemented as a procedure or protocol

Outcome 1) result of the performance (or non-performance) of a function or process(es)
2) condition or occurrence traceable to a cause
JCAHO, modified
Output produce and deliver health record content in the form and manner expected by a viewer or recipient (e.g., printout, visual rendering, tagged or delimited data stream) ISO 21089:2018
Party natural person or any other entity considered to have the same rights, powers and duties of a natural person ISO/IEC 15414:2015
Patient 1) subject of care
2) individual who is receiving or registered as eligible to receive healthcare services or having received healthcare services
ISO 21089:2018, modified (2)
Patient and Family Preferences health care treatment choices influenced by but not limited to language, religious, or cultural preferences selected by the subject of care (patient) and his/her family
Patient Identifier set of data that is used for uniquely distinguishing one patient from another patient
Patient Record See "Health Record"
Patient Representative designated to bearing the character or power of the patient; acting for the patient’s benefit, e.g. guardian, legal representative, surrogate, or advocate UK CancerWeb
Patient Safety See "Safety"
Patient-Level Data within the context of the Population Health arena, refers to data that is collected (and analyzed) regarding a single patient (e.g., “Person123 is left-handed”). Note: patient-level data may be de-identified.
Patient-Originated Data Data provided and/or entered by the subject of care (patient), e.g., an individual (or their representative) may provide or enter health information from personal memory and/or by using information that was recorded on a piece of paper American Academy of Pediatrics:2011
Performance way in which an individual, group or organization carries out, accomplishes and fulfils its important functions and processes, usually with regard to effectiveness JCAHO, modified
Performance Indicator, Performance Measure standard or criteria used to assess the capabilities of functions, processes and outcomes within an organization; quantification of processes and outcomes using one or more dimensions of performance, such as timeliness or availability. JCAHO, modified
Permission (Parental) affirmation or agreement, provided by the parent or guardian of a patient, to undertake a clinical action; in most cases, clinicians have an ethical (and legal) obligation to obtain parental permission to undertake recommended medical interventions

See also "Consent, Informed Consent"
American Academy of Pediatrics:2011
Persistent 1) data in a final form intended as a permanent record, such that any subsequent modification is recorded together with the original data
2) existing or remaining in the same state for an indefinitely long time
ISO 21089:2018 (2)
Pesonal Health Information (PHI) 1) information about an identifiable person which relates to the physical or mental health of the individual, or to provision of health services to the individual, and which may include: a) information about the registration of the individual for the provision of health services; b) information about payments or eligibility for healthcare with respect to the individual; c) a number, symbol or particular assigned to an individual to uniquely identify the individual for health purposes; d) any information about the individual collected in the course of the provision of health services to the individual; e) information derived from the testing or examination of a body part or bodily substance; f) identification of a person (e.g. a health professional) as provider of healthcare to the individual
2) information that concerns a person's health, medical history, medical treatment or genetic characteristics in a form that enables the person to be identified
ISO 27799:2008 (1)
MEDSEC (2)
Personal Health Record (PHR) health record, or part of a health record, for which the subject of care or a legal representative of the subject of care is the data controller ISO 18308:2011
Phenotype physical appearance of an organism as distinguished from its genetic makeup; the phenotype of an organism depends on which genes are dominant and on the interaction between genes and environment American Heritage Science Dictionary:2005
PHR personal health record

See "Personal Health Record"

PHR-S FM HL7 Personal Health Record System Functional Model
PHR Account 1) provides the PHR Account Holder with: a) access to his or her personal health data and b) access to the functions of a PHR system
2) conceptually similar to a bank account (e.g., health record bank), which provides controlled access to data and to the functions of the system in which the data are stored; may be hosted on a stand-alone personal computer, within an EHR system (i.e., as a portal), a web-based system, or other portable electronic device

PHR Account Holder 1) subject of the PHR Account, controls access to and permissions of the PHR Account, and controls the movement of data in and out of the PHR Account
2) synonymous with the terms “patient” or “consumer.”
Note: In certain PHR Account matters related to decision making, the term PHR Account Holder is also meant to include the PHR Account Holder Proxy, as he or she may be the PHR Account Holder’s substitute decision maker.

PHR Account Holder Proxy person who is appropriately authorized to act on behalf of the PHR Account Holder within the PHR Account; could be a family member, friend or substitute decision maker
PHR Application set of software that offers PHR functionality and related services to PHR Account Holders through individual PHR Accounts
PHR Authorization permission granted by a PHR Account Holder to an Authorized PHR User to use function(s) of the PHR System for intended and permitted purposes. PHR Authorizations may be to specific individuals or to specific remote computer systems. PHR Authorizations also may be role-based, i.e., granted to a class of individuals or a class of remote computer systems. PHR Authorizations may include varying levels of access, e.g., “read-only,” “write-only,” “read/write,” etc. The exact permissions and levels of PHR Authorizations may vary based on different PHR Sponsors and PHR Service Providers.
PHR Service Provider organization that delivers PHR Application(s) to PHR Account Holders. A PHR Service Provider may offer PHR Applications directly to PHR Account Holders or indirectly via contracted PHR Sponsors. PHR Service Providers are often PHR system vendors, enabling the distinction between direct PHR Application providers and third-party sponsors (such as physician offices or hospitals).

See "PHR Sponsor".

PHR Sponsor entity that provides PHR Account Holders access to a given PHR Application (e.g., a physician office, a health system, an employer, a pharmacy, a health plan). A PHR Sponsor may not necessarily be the same entity as the PHR Service Provider.
Policy 1) set of rules related to a particular purpose. A rule can be expressed as an obligation, an authorization, a permission or a prohibition.
2) formal, approved description of how a governance, management of clinical care process is defined, organized and carried out
ISO/IEC 15414:2015 (1)
JCAHO (2)
Population Health 1) art, process, science and a product of enhancing the health condition of a specific number of people within a given geographical area
2) health outcomes of a group of individuals, including the distribution of such outcomes within the group

Practice Guideline See "Guideline"
Prevention actions taken to:
1) reduce susceptibility or exposure to health problems (primary prevention)
2) detect and treat disease in early stages (secondary prevention)
3) alleviate the effects of disease and injury (tertiary prevention)

Primary Record records captured and maintained for the chief purpose of: a) supporting individual health and providing healthcare; b) clinical use including care, interventions and decision making ISO 21089:2018
Principal highest in rank, authority, character, importance, or degree; most considerable or important; chief; main (e.g., principal diagnosis)
Principal provider healthcare provider who is the most responsible and accountable for managing or coordinating the members of a care team(s) that deliver health care to an individual
Principle an accepted or professed rule of action or conduct, an adopted rule or method for application in action
Privacy 1) quality or state of being hidden from, or undisturbed by, the observation or activities of other persons
2) freedom from intrusion into the private life or affairs of an individual when that intrusion results from undue or illegal gathering and use of data about that individual and the ability of an individual or group to seclude themselves, or information about themselves, and thereby express themselves selectively
3) right of individuals to keep information about themselves from being disclosed to anyone
4) (information practices) security principle that protects individuals from the collection, storage and dissemination of information about themselves and the possible compromises resulting from unauthorized release of that information
AHIMA, modified (1,2,3)
ISO/IEC 2382-8:2015, modified (2,3)
HL7 Security Work Group (4)
Problem (clinicial) issue for which an assessment is made and a plan or intervention is initiated ISO 12773-1:2009, modified
Problem List 1) list that includes the most important health problems facing a subject of care (patient) such as nontransitive illnesses or diseases and injuries suffered; may include signs and symptoms
2) list of a patient's problems that serves as an index to his or her record
3) list of current and active diagnoses as well as past diagnoses relevant to the current care of the patient
US Centers for Medicare and Medicaid Services (CMS) (3)
Process sequence of goal-directed, interrelated series of actions, events, mechanisms, or steps taking place in a prescribed manner and leading to the accomplishment of some result ISO/IEC 15414:2015, modified
Profile (EHR or PHR System) Functional Model subset, in which functions have been designated for particular purposes, domains, services, specialties or care settings. A Functional Profile (FP) allows selection of functions and conformance criteria from the base FM, as well and revisions and extensions to those functions and criteria. HL7 EHR/PHR System Functional Model Chapter 2: Conformance Clause
Protocol 1) (care) written plan specifying the procedures to be followed in giving a particular examination, conducting research, or providing care for a particular condition
(2) set of instructions that describe the procedure to be followed when investigating a particular set of findings for a subject of care (patient), or the method to be followed in the management of a given disease
ISO 21089:2018 (1)
Provide the ability to ... phrase that conveys the notion that the corresponding FM-specified system functionality will enable a user to perform a given task, rather than having the system perform the task itself (i.e., without user intervention)
Provider See "Health Care Provider"
Pseudonymize, Pseudonymization 1) removal of individually identifiable data/record content by replacing with identity-bearing content for another entity
2) sub-class of de-identification which can be performed with or without the possibility of re-identifying the subject of the data/record content
ISO 25237:2017, modified
ISO 21089:2018, modified
Public Health 1) area of health care that deals with the health of populations in geo-political areas, such as States and counties
2) field of medicine concerned with safeguarding and improving the health of the community as a whole
Dorland's Medical Dictionary
Purpose 1) (of use) context and conditions of data/record use at a specific point in time, and within a specific setting
2) (of a system) practical advantage or intended effect of the system
ASTM 1986:2013, modified (1)
ISO/IEC 15414:2015 (2)
Quality 1) character, characteristic or property of anything that makes it good or bad, commendable or reprehensible, thus the degree of excellence that a thing possesses
2) totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs or fitness for use.
JCAHO, modified
CEN TC251, modified
Quality Improvement approach to the continuous study and improvement of the processes of providing healthcare services to meet the needs of patients and others JCAHO
Reactivate (record entry) recreate or restore full status to health records and their content from a previous state of deletion or deprecation ISO 21089:2018
Real-time actual time during which something takes place; the system may partly analyze the data in real time (as it comes in)
Receive capture an exchange artifact (e.g., message, document, API resource) from an external system or entity (e.g., acquire data objects that exist elsewhere for potential inclusion in an EHR or PHR record) ISO 21089:2018
Recommendation a suggestion or proposal as to the best course of action, especially one put forward by an authoritative body

See "Guidance"

Record See "Health Record"
Record Entry 1) (evidentiary) persistent documentation, recording or evidence of facts, context, findings and observations, with associated supporting system data or metadata, regarding an action taken to support individual health or provide healthcare
2) (indivisible notation) semantically indivisible clinical statement which may be structurally large or small, but which loses meaning if broken up
3) (instance) discrete notation, recording instance or dataset in (EHR/PHR/other) system datastore, suitably attributed, which forms part of, or a whole, contribution to a health(care) record at one place and time
ISO 21089:2018 (1,2)
ISO 18308:2011, modified (3)
ISO 13606-2:2019, modified (3)
Registry 1) directory-like system that focuses solely on managing data pertaining to one conceptual entity
2) server capable of holding data for the systematic and continuous follow up of information objects
maintained in accordance with specific rules
Canada Health Infoway (1)
ISO 21089:2018
Re-identify restore information to data that would allow the identification of the source of the information or the information subject HL7 Version 3 Standard: Security and Privacy Ontology, Release 1
Release of Information disclosure of documents containing (subject of care-) identifiable information to a third party requestor CPRI
Reminder type of notification that is specifically to prompt the recipient with information they may have previously received (e.g. an appointment reminder); distinct from an alert, where immediate action is required
Report 1) make or present an official or formal account or summary of
2) formal rendering (e.g., document) that gives information about a particular subject
ISO 21089:2018
Repudiate, Repudiation denial by a user or a system that it was the source of certain information or the sender or receiver of a message or the agent of an action requested from the system ASTM E1762:2013, modified
Resource entity which is essential to some behaviour and which requires allocation or may become unavailable because it is in use or used up ISO/IEC 15414:2015
Resource Utilization 1) process of making the best use of available resources in order to achieve a particular objective
2) total amount of resources consumed, compared against the amount of resources planned for a specific process

Restore 1) (record entry) recreate record entries and their content from a previously created archive artifact
2) produce another object with the same content as one previously backed up (i.e., recreate a readily usable copy) or reinstate an information system back to an error-free and secure state from which normal operation can resume
ISO 21089:2018
HL7 Version 3 Standard: Security and Privacy Ontology, Release 1
Result 1) conclusion or end to which any course or condition of things leads, or which is obtained by any process or operation
2) set of information including all essential or useful data relevant to the outcome of an analytical investigation and corresponding procedure (e.g., diagnostic findings)

Retain (record entry) store and maintain (in a persistent datastore) health records after their point of origination, update, receipt, re-identification, restoration, decryption, etc. ISO 21089:2018
Retention maintenance and preservation of information in some form (e.g. paper, microfilm, or electronic storage) for a given period of time CPRI
Role function or responsibility assumed by a person in the context of a health care event
Safety 1) (normative) quality of a product to meet applicable standards and practices for design, construction or manufacture
2) (patient) prevention of accidental or preventable injuries and mitigation of harm caused by errors of omission or commission that are associated with healthcare, and involving the establishment of operational systems and processes that minimize the likelihood of errors and maximize the likelihood of intercepting them when they occur
3) (perceived) users' level of comfort and perception of risk
ISO 21089:2018 (1,2,3)
US National Quality Forum (2)
Save keep (data) by moving a copy to a storage location
Scope of Practice services that a qualified health professional is deemed competent to perform, and permitted to undertake in keeping with the terms of their professional license
Seamless smooth and continuous, with no apparent gaps or spaces between one part and the next; perfectly cosistent and coherent
Secondary Data 1) record that is derived from the primary record and contains selected data elements
2) record that is derived/extracted from the primary record for specific purposes of use
ASTM E1384:2013
Security 1) (data) combination of availability, confidentiality, integrity and accountability including protection of data from intentional, accidental or unintentional alteration or destruction, or copying or disclosure to unauthorized persons, whether in storage, processing, or transit
2) (system safeguards) result of effective protection measures including safeguards for protection of information systems against software deficiencies, operating mistakes, or sabotage, against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document and counter such threats
CEN 13608-1:2005 (1)
JCAHO (1)
MEDSEC, modified (1)
US National Security Council (2)
US Institute of Medicine (2)
Security Policy 1) (information) set of laws, rules, and practices that regulate how an organization manages, protects and distributes sensitive information
2) (system) plan or course of action adopted for providing computer security including a statement of information values, protection responsibilities and organization commitment for a system
US Department of Defense (1)
ISO/IEC 2382:2015 (2)
US Office of Technology Assessment (2)
Send See "Transmit"
Severity Level signal of urgency or escalation; relative impact of a situation; may be used by people responding to an incident as a way to describe their current assessment of a situation to relay to others
Semantic interoperability See "Interoperability"
SHALL Indicates a mandatory requirement to be followed (implemented) in order to conform. Synonymous with “is required to”. HL7 EHR-S Functional Model Chapter 2: Conformance Clause
SHOULD Indicates an optional yet recommended action, one that is particularly suitable. Synonymous with “is permitted and recommended”. HL7 EHR-S Functional Model Chapter 2: Conformance Clause
SIG instructions that direct a patient regarding the recommended use of a medication (abbreviation for Signetur – “Let it be labeled” - in Latin)
Single Logical Patient Record See "Logical Record"
Situational Criterion criterion that is required if the circumstances given are applicable HL7 EHR/PHR Syste Functional Model Chapter 2: Conformance Clause
Social Determinants of Health See "Health-related Factors"
Specialized Views customized view which may be based on encounter specific values, clinical protocols and business rules
Standard 1) document, established by consensus and approved by a recognized body, that provides, for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context. Note: Standards should be based on the consolidated results of science, technology and experience, and aimed at the promotion of optimum community benefits.
2) technical specification which addresses a business requirement, has been implemented in viable commercial products, and, to the extent practical, complies with recognized standards organizations such as ISO
ISO/IEC Guide 2 (1)
Standards of Practice specification (guiding principles) that describe responsibilities and define safe practice, including: professional standards, ethical guidelines, entry-level competencies, provincial/regional regulations, standards of care, and practice guidelines

See "Guidelines" and "Safety"

Store See "Save"
Structured Data data that can be slotted into discrete fields and enumerated or codified
Subject of Care one or more individuals scheduled to receive or who are receiving or have received health care services. Note: The terms “patient” and “client” are synonymous with subject of care in a health record context and are commonly used instead of the more formal term “subject of care”. ISO 12773-1:2009, modified
ISO 13606-1:2018. modified
Suitable possessing the qualities that are right, needed, or appropriate for the task or use ISO 21089:2018
Summary abbreviated version of something that has been said or written, containing only the main points
Syntactic Interoperability See "Interoperability"
Systematic pursuing defined objective(s) in a planned, step-by-step manner JCAHO
Task Unit of work. A task (in health care) may be a clinical task (i.e., a task that occurs as part of the process of providing care for a patient) or a non-clinical task (e.g., an administrative task such as updating the list of providers who have admitting privileges at the local hospital). A task may arise in an ad hoc fashion or may appear according to a schedule. A task may be placed on a list and assigned to a person, a group of people, or to an automated mechanism; a task may also be shared, reassigned, prioritized (or re-prioritized), routed, corrected, updated, cancelled, or suspended.
Term word or words corresponding to one or more concepts
Terminological System structured human and machine-readable representation of healthcare concepts and relationships
Terminology Services set of services that present and apply vocabularies, both controlled and uncontrolled, including their member terms, concepts and relationships. This is done for purposes of searching, browsing, discovery, translation, mapping, semantic reasoning, subject indexing and classification, harvesting, alerting, etc.
Text 1) data in the form of words or alphabetic characters
2) human-readable sequence of characters

Timestamp digital record of the time of occurrence of a particular event
Transact Data act of processing a logical unit of information (e.g., data received from an external system may be committed (or “transacted”) to a local database
Transform, Transformation 1) convert and/or encode source health record content into exchange artifacts such as HL7 v2/v3 messages, CDA/CCDA documents or FHIR resources
2) convert or change data/record content from one format to another, from one arrangement to another, from one structure to another
ISO 21089:2018, modified
Translate (record entry) convert data content from one coding/classification system to another or from one human language to another or express the sense of (words or text) in another language (e.g. English translated to Spanish) HL7 Version 3 Standard: Security and Privacy Ontology, Release 1
Transmit (record entry) initiate communication of health record content from one system to another; send or convey from one person or place to another; send or forward, as to a recipient or destination ISO 21089:2018
Treatment Option consideration of one of several remedies with the object of effecting a resolution or cure
Treatment Plan See "Care Plan"
Treatment Protocol See "Protocol"
Trigger event that causes an action to be taken (e.g., message transmittal)
Trust 1) (confidence) have reliance, faith, or hope
2) assured reliance on the character, strength, or truth of someone or something
ISO 21089:2018
Trusted Information Exchange Environment environment which ensures integrity, confidentiality, and availability of data in the process of information exchange between participating parties; may be based on a "chain of trust" agreement
Truth 1) quality or state of being true in accordance with the body of real things, events and facts
2) maintain fidelity to an original or to a standard, proposition or principle.
ISO 21089:2018
Unique Identifier See "Identifier"
Unlink (record entries) undo an operation that previously connected two or more health records, rendering them separate again ISO 21089:2018
Unmerge (record entries) perform an operation that reverses a previously executed merge operation ISO 21089:2018
Unstructured Data data that is not slotted into discrete fields and enumerated or codified; opposite of structured data
Unstructured Text lacking a definite structure or organization; not formally organized or systematized
Update perform an operation that results only in the revision or alteration of an object HL7 Vocabulary Alignment Project
Upload transfer (data) from one computer to another, typically to one that is larger or remote from the user or is functioning as a server
Use (of health information) sharing, employment, application, utilization, examination, or analysis of such information HIPAA
User person or other entity authorized by a provider to use some or all of the services provided by the provider COACH
OMG
User Role collection of defining attributes that characterize a population of users and their intended interactions with the system
Validate confirm that the contents of data objects meet the needs of identified stakeholders (e.g., healthcare providers, patients), often involving acceptance and suitability; verify correctness (to reflect the true situation) Project Management Body of Knowledge, modified
JCAHO, modified
Verify confirm and notate that record/data content is true, accurate and/or justified based on reviewing, inspecting or testing or evaluate the compliance of data objects with specified requirements based on organizational policy Project Management Body of Knowledge, modified
Versioning management of multiple revisions of the same unit of information, or of a software application
View 1) look at attentively or inspect
2) representation of an object or collection of objects for use by visual capture, rendered electronically or in print
ISO 21089:2018