|
|
Definition
|
| |
A - D | E - H | I - M | N - R | S - Z
|
Access
|
Ability or the necessity to create, read, write, modify, delete, or communicate data/information or otherwise make use of any system resource.
|
| Access Authorization |
Information-use policies and procedures that establish the rules for granting access to information or a device or medium that contains information (e.g. To a computer terminal, mobile device, transaction, program, process, or some other file).
|
| Access Control |
Method of restricting access to resources, allowing only appropriate access. Types of access control include: Mandatory, discretionary, time-of-day and classification or role based.
|
Access Profile
|
Detailed description of which types of data, pertaining to which types of patients, that workforce members in a given job class are permitted to read.
|
Accessibility
|
Data or information is available and useable upon demand by an authorized person.
|
Accountability
|
Responsibility of a person or entity for their actions.
|
Alarm
|
Any device in a system that can sense an abnormal condition within the system and provide, either locally or remotely, a signal indicating the presence of the abnormality. |
| ANSOS One-Staff |
A nurse/staff scheduling system. All of nursing would use this application. |
| Audit Control |
Mechanisms employed to record and examine system activity. |
Audit Trail
|
Capability to collect data that would be used to trace actions, entries or processes to a specific person, entity or transaction. |
| Authentication |
Corroboration that a person or entity is the one claimed. It may include a unique user identifier or another of verification (biometrics, password, personal identification number, token or telephone callback procedure). |
Authorization
|
Individual's written permission to use or disclose PHI. |
Authorization Control
|
Mechanism for obtaining consent for the use and disclosure of PHI, which is based upon the users need-to-know. |
Availability
|
Data or information is accessible and useable upon demand by an authorized person. |
| Browser |
Usually a free software package that lets you view web pages, graphics, and online content.
|
| CareMedic |
Electronic Financial Record and Image AR Document Management system
|
| Cerner Millennium |
Electronic Medical Record Software. Applications include: PowerChart, FirstNet, Anatomic Pathology, Blood Bank, PathNet, PharmNet, SurgiNet, Cerner Bridges. |
| Disaster Recovery |
Process enabling an enterprise to restore any loss of data in the event of fire, vandalism, natural disaster or system failure. It is part of an overall contingency plan. |
| Discoverer |
Access to Clinical data reports. |
| Electronic Media |
Electronic storage media including memory devices in computers (hard drives) and any removable/transportable digital memory medium, such as a disk, optical disk, digital memory card or USB storage device.
|
Electronic Protected Health Information
|
Individually identifiable health information (see definition of Individually Identifiable Health Information) that is transmitted or maintained in electronic media.
|
| Email |
Used for sending and receiving electronic mail |
Emergency Mode Operation
|
A process enabling an enterprise to continue to operate in the event of fire, vandalism, natural disaster or system failure. It is also part of an overall contingency plan.
|
Encryption
|
Method of transforming confidential plain text into cipher text to protect it. An encryption algorithm combines plain text with other values called keys, or ciphers, so the data becomes unintelligible. Once encrypted, data can be securely stored or transmitted over unsecured lines. Decrypting data reverses the encryption algorithm process and makes the plain text available for further processing. |
Entity
|
In most cases, an entity is a person, but it can be a system or a process as well.
|
Eradication
|
The removal of malicious software or resetting of passwords.
Facility Security Plan Plan to safeguard the premises and building (exterior and interior) from unauthorized physical access and to safeguard the equipment therein from unauthorized physical access, tampering and theft.
|
Health Care Provider
|
Any person or organization, which furnishes, bills, or is paid for health care services in the normal course of business. |
Health Plan
|
Individual or group plan that provides, or pays the cost of, medical care. |
HEMM/HEFM
|
Request will allow access to the Purchasing application and/or Financial Management application |
| HTTP |
This is the language of a webpage. Links, pictures, content will work when the webpage has this prefix |
| HTTPS |
This is secured language of a webpage. There is an additional layer of security/encryption on this page to hide personal information. |
| Image |
Standard set of applications and an operating system for a workstation |
| Information System |
Includes hardware, software, information data, applications, communications and people. |
| IP Address |
It is your "Internet "Protocol" address. Every computer, cell phone and device that accesses the internet is assigned an IP address for tracking purposes |
| Law |
The federal constitution; a state constitution; a federal or state statute, regulation, or rule; common law; or other action having the force and effect of law. |
| Malicious Software |
Software that contains a virus, designed to damage or disrupt a system. |
| MedeAnalytics |
Application used by Patient Financial Services, Health Information Services and other financial and business staff. |
| Medical Care |
Diagnosis, cure, mitigation, treatment or prevention of disease or injury. |
| Message Authentication |
Mechanism that ensures that a message received (usually via a network) matches the message sent. |
| Muse/CVWeb |
Software used by Cardiologists. All other users will use CVWeb (view only). |
| My Medical Files (MMF) |
MMF is a fax-to-web electronic filing information management system used in the Perioperative Services PREP Center to manage documents for patients in the process of being cleared clinically for elective surgical procedures. |
| PACS |
Radiology Imaging Software. |
| Password |
Confidential authentication information composed of a string of characters (e.g., letters, numbers, etc.). |
| Personal Representative |
Person who, under applicable law, has authority to act on behalf of another individual in making decisions related to health care. |
| Policy |
Provides management direction and support for information security in accordance with business requirements and relevant laws and regulations; therefore no technology or tactical solutions are outlined. These are produced by the Information Security Group and other enterprise committees. |
| Principle of Least Privilege |
Granting the lowest access rights necessary to perform job functions. |
| Quantim |
Medical Records Coding, Abstracting and compliance application. |
| Recovery |
The restoration of information systems to an operational state where applicable. |
| Requirements Traceability Matrix |
A document or tool used to track the link between the requirements identified for the software and the test cases. |
| Security Incident |
Attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in an information system. |
| Service Desk Express (SDE) |
Software used by the Helpdesk to record and track requests for Technology help from the Information Services and Technology staff. |
| SSL Sites |
A secure connection protocol used to encrypt and decrypt all data over a session while the user is logged in with their username and password. |
| STAR |
Software for Revenue cycle, including STAR Clinical and/or Financial. |
| TeleTracking |
Bed Tracking and Management software. |
| Test Case |
A tool used to validate an applications performance in accordance to the requirements identified. Test Cases are used to map/tracks back to the requirement being tested by way of the Requirements Traceability Matrix. |
| Test Plan |
The test plan describe the overall test strategy for testing that will verify the application meets all the identified requirements from start to finish prior to implementing. |
| Testing and Revision |
Documented process of periodic validation of written contingency plans to discover weaknesses and the subsequent process of revising the documentation, if necessary. |
| Threat |
The potential for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability. |
| Treat-source |
Intent and method targeted at the intentional exploitation of a vulnerability, or Situation and method that may accidentally trigger vulnerability. |
| Trojan Horse (Computer) |
Invited programs that contain files with malicious code that when triggered, cause loss or theft of data. Ex: email attachments of a downloaded internet site. |
| Virus (Computer) |
A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. |
| WinZip |
A program that zips file folders into a password protected file to send across the internet and opened by the password. |
| Worms (Computer) |
Programs that replicate themselves from system to system. Ex: Word document or Excel file. |
| Uniform Resource Locators (URL) |
The web browser addresses of internet pages and their files |