Has this ever happened to you? You ask the vendor that provides your clinical documentation improvement (CDI) software: “Can you send a copy of the answered query back to our EMR?” And you get back the answer: “Our SaaS solution can send a copy of the completed query over a VPN to your HIS as the payload inside an HL7 ORU message.”
No, this is not another example of “technically correct but totally useless” as I’ve discussed in the past. This is an admittedly extreme example of the kind of technical jargon that might confront a health information management (HIM) professional in today’s modern technology-laden environment.
What follows is not an attempt at a complete encyclopedic description of all the technical terms that an HIM professional might encounter. Rather, I have selected a few that seem to be very common, especially as they relate to the CDI world.
- Hospital information system (HIS): These days there is such a focus on the electronic medical record that we sometimes forget that the EMR is only one component of a larger HIS ecosystem at a hospital. In nature, an ecosystem may be defined as “organisms interacting with each other and the environment.” That definition applies equally well in healthcare technology, considering a hospital’s IT infrastructure. In addition to the EMR, there are also systems in the HIS for registration, appointments, coding, billing and many more. Information is often routed to and from the overarching HIS rather than the EMR specifically.
- Virtual private network (VPN): If you look up while walking through your hospital’s basement, you may find bundles of network cables that constitute part of the “hard-wired network” (point-to-point connections within the full hospital network). But in order to connect to facilities beyond the physical building, it is necessary to create secure pathways, or “tunnels,” through the internet to connect to sites. This tunnel is referred to as a VPN. Properly done, it can be as secure as a physical connection. Many healthcare professionals are connecting to their hospital systems remotely (from a remote office or from home) over a VPN and they don’t even know it. But that’s how your IT department is helping to keep remote connections secure.
- Software as a service (SaaS): Your hospital’s data center may have many computers and multiple types of software running on those computers. But another way to get the software that you need is via the SaaS model. In that case, a vendor is running a data center outside of your hospital, giving you access to its software, most typically through a web browser. This means your hospital IT department has no hardware or software to install, configure or maintain, and the software vendor takes care of all of that for you.
- Service organization controls II (SOC 2): This is a set of standards against which a service organization (like your software vendor) can be evaluated. Trust services criteria of SOC 2 evaluate compliance with security, confidentiality, privacy, availability and processing integrity. You should be interested in this if you need the confidence in placing protected health information in the hands of an outside organization (for example, if you are considering using a SaaS solution).
- HL7: Technically, this translates to “Health Level 7” and refers to “a framework (and related standards) for the exchange, integration, sharing, and retrieval of electronic health information,” according to the HL7 website. The number “7” refers to the top layer of the open systems interconnect (OSI) model: the application layer. This bit of trivia is not as important as realizing that this is not the version number of the standard. There will not be an HL8. It is the way that the various systems in the HIS exchange information. Many types of messages can be communicated via HL7, but the ones you are likely to see most often are ADT (admission, discharge, transfer—notification that one of these events has happened for a patient); BAR (billing account record—information handy for billing purposes, often with a list of diagnoses or the resultant diagnosis-related group); ORU (observation result, unsolicited—an observation being sent to your EMR from an outside system); and MDM (medical document management—typically dictation transcriptions and related documents).
Some of these descriptions may represent fine subtleties, but you will be in a better position to make your needs known and understand the proposed solutions if you can learn at least some of the language of the IT geeks. But don’t jump prematurely to the jargon or the IT methodologies that are implied. Instead, stick to relating your needs concisely and completely.
Jonathan Elion, M.D., FACC, is a practicing board-certified cardiologist in Providence, Rhode Island, and an associate professor of medicine at Brown University.