Chapter 2: Healthcare Terminology and Standards

Introduction

In healthcare IT, precision in language and adherence to standards isn't just best practice—it's a matter of patient safety, regulatory compliance, and system interoperability. A medication allergy miscoded or a lab result misinterpreted due to inconsistent terminology can have life-threatening consequences.

This chapter provides a comprehensive guide to essential healthcare terminology and the industry standards that enable safe data exchange, analytics, and automation across disparate systems. Whether you're integrating an EHR with a laboratory system, building a patient portal, or designing analytics pipelines, understanding these standards is foundational.

Why Healthcare Standards Matter

Healthcare differs from most industries in its standards complexity:

Clinical Safety: Misinterpreted data can harm patients
Regulatory Compliance: HIPAA, CMS, FDA mandate specific standards
Interoperability: Systems from different vendors must communicate
Financial Reimbursement: Incorrect coding leads to claim denials
Legal Liability: Documentation must support clinical decisions

graph TD
    subgraph ECOSYSTEM["HEALTHCARE STANDARDS ECOSYSTEM"]
        subgraph CLINICAL["CLINICAL"]
            C1[SNOMED CT]
            C2[LOINC]
            C3[RxNorm]
            C4[DICOM]
        end

        subgraph FINANCIAL["FINANCIAL"]
            F1[ICD-10-CM/PCS]
            F2[CPT/HCPCS]
            F3[DRG/APC]
            F4[X12 EDI]
            F5[NCPDP]
        end

        subgraph INTEROP["INTEROPERABILITY"]
            I1[HL7 v2]
            I2[HL7 CDA/C-CDA]
            I3[HL7 FHIR]
            I4[DICOM Imaging]
            I5[Direct Protocol]
        end
    end

Essential Healthcare Terminology

EMR vs. EHR: Understanding the Difference

While often used interchangeably, these terms have distinct meanings:

Aspect	EMR (Electronic Medical Record)	EHR (Electronic Health Record)
Scope	Single organization/practice	Across multiple organizations
Purpose	Internal clinical documentation	Comprehensive health record with interoperability
Data Sharing	Limited, within practice	Designed for external sharing (HIE, patient portals)
Focus	Provider-centric	Patient-centric
Examples	Practice management system	Epic Care Everywhere, CommonWell network
Standards	Internal formats	HL7 FHIR, C-CDA, Direct Protocol

Practical Implication for IT:

EMR implementations focus on internal workflows, billing, clinical documentation
EHR implementations require robust interoperability (FHIR APIs, HIE connections, patient data access)

PHI vs. PII: Critical Privacy Distinctions

Term	Full Name	Definition	Regulation	Examples
PHI	Protected Health Information	Any health information that can identify an individual	HIPAA (U.S.)	Name + diagnosis, MRN + lab result, SSN + medication
PII	Personally Identifiable Information	Any data that can identify an individual	Various (GDPR, state laws)	Name, email, SSN, address, phone number
ePHI	Electronic PHI	PHI in electronic form	HIPAA Security Rule	EHR data, health app data, emailed health records

Key Distinctions:

All PHI is PII, but not all PII is PHI
PHI requires health context: Name alone is PII; name + diabetes diagnosis is PHI
De-identified data is neither PHI nor PII (per HIPAA Safe Harbor or Expert Determination)

IT Security Implications:

PHI requires HIPAA-compliant encryption, access controls, audit logs, BAAs
ePHI transmission must use TLS 1.2+, VPN, or Direct Protocol

Health Information Exchange (HIE)

HIE has dual meanings:

HIE as an Organization: A entity facilitating health data exchange (e.g., Indiana HIE, Chesapeake Regional Information System)
HIE as a Process: The act of exchanging health information electronically

HIE Models:

Model	Description	Use Case	Technology
Centralized	All data stored in central repository	Statewide/regional HIE	Centralized EHR database
Federated	Data remains at source, queried on-demand	Query-based access across networks	CommonWell, Carequality
Hybrid	Combination of centralized index + distributed data	Large IDNs	MPI + FHIR APIs
Direct Exchange	Secure point-to-point messaging	Provider-to-provider referrals	Direct Protocol (SMTP-based)

Key HIE Standards:

FHIR APIs for RESTful data exchange
C-CDA documents for care summaries
IHE XDS (Cross-Enterprise Document Sharing)
TEFCA (Trusted Exchange Framework and Common Agreement)

Revenue Cycle Management (RCM)

RCM encompasses all financial processes from patient registration to final payment:

graph LR
    PreVisit["Pre-Visit Activities<br/>• Scheduling<br/>• Eligibility verification<br/>• Pre-auth"]
    FrontEnd["Front-End Revenue<br/>• Registration<br/>• Insurance verification<br/>• Copay collection"]
    MidCycle["Mid-Cycle Management<br/>• Coding CPT, ICD-10<br/>• Charge capture<br/>• Claim scrubbing"]
    BackEnd["Back-End Collections<br/>• Claims submission<br/>• Payment posting<br/>• A/R follow-up<br/>• Denial management<br/>• Appeals"]

    PreVisit --> FrontEnd --> MidCycle --> BackEnd

Key RCM Metrics:

Days in A/R: Average time to collect payment (target: <45 days)
Clean Claim Rate: % of claims accepted on first submission (target: >95%)
Denial Rate: % of claims denied (target: <5%)
Net Collection Rate: Collected $ / Allowed $ (target: >95%)

Telehealth vs. Telemedicine

Term	Definition	Scope	Examples
Telemedicine	Clinical care delivered remotely	Narrower - provider-patient encounters	Video visits, remote diagnosis, e-consults
Telehealth	Broader health services delivered remotely	Includes clinical + non-clinical	Telemedicine + RPM + patient education + administrative meetings

Modalities:

Synchronous: Real-time video/phone consultation
Asynchronous (Store-and-Forward): Provider reviews images/data later
Remote Patient Monitoring (RPM): Continuous monitoring via devices
mHealth (Mobile Health): Health apps, wearables, SMS reminders

Coding and Terminology Standards

Clinical Coding Systems

1. ICD-10-CM/PCS: Diagnosis and Procedure Coding

ICD-10-CM (International Classification of Diseases, 10th Revision, Clinical Modification)

Purpose: Diagnosis coding for morbidity/mortality tracking
Used By: All U.S. healthcare providers, payers, public health
Structure: Alphanumeric, 3-7 characters (e.g., E11.9 = Type 2 diabetes without complications)
Total Codes: ~70,000 diagnosis codes
Maintained By: CDC (U.S. version)

ICD-10-PCS (Procedure Coding System)

Purpose: Inpatient procedure coding (hospital billing)
Structure: 7-character alphanumeric (e.g., 0DBJ8ZZ = Excision of appendix, via natural opening endoscopic)
Total Codes: ~78,000 procedure codes
Used By: Inpatient facilities only (not physician offices)

Example ICD-10-CM Coding:

Condition	ICD-10-CM Code	Description
Type 2 Diabetes	E11.9	Type 2 diabetes mellitus without complications
Diabetes with retinopathy	E11.319	Type 2 diabetes with unspecified diabetic retinopathy
Hypertension	I10	Essential (primary) hypertension
COVID-19	U07.1	COVID-19 (confirmed by lab test)
Heart failure	I50.9	Heart failure, unspecified

IT Implications:

Code Set Updates: Annual updates (October 1) require system updates
Specificity Requirements: Payers increasingly require granular codes
EHR Integration: Problem lists, encounter coding, quality reporting

2. CPT/HCPCS: Procedure and Services Coding

CPT (Current Procedural Terminology)

Purpose: Billing for outpatient procedures and services
Structure: 5-digit numeric codes (e.g., 99213 = Office visit, established patient, moderate complexity)
Maintained By: American Medical Association (AMA)
Categories:
- Category I: Procedures/services (e.g., 99214, 80053)
- Category II: Performance measurement (optional)
- Category III: Emerging technologies (temporary codes)

HCPCS (Healthcare Common Procedure Coding System)

Level I: CPT codes
Level II: Non-physician services (e.g., J-codes for drugs, E-codes for DME)

Common CPT Code Ranges:

Code Range	Service Type	Examples
99201-99499	Evaluation & Management (E&M)	99213 (office visit), 99285 (ED visit)
00100-01999	Anesthesia	01992 (anesthesia for nerve block)
10021-69990	Surgical	47562 (laparoscopic cholecystectomy)
70010-79999	Radiology	71020 (chest X-ray)
80047-89398	Pathology/Laboratory	80053 (comprehensive metabolic panel)
90281-99607	Medicine	90834 (psychotherapy), 96372 (injection)

Example E&M Coding:

CPT Code	Description	Typical Time	RVU
99211	Office visit, nurse only	5 min	0.56
99212	Office visit, straightforward	10 min	1.21
99213	Office visit, low complexity	15 min	1.92
99214	Office visit, moderate complexity	25 min	2.80
99215	Office visit, high complexity	40 min	3.76

3. SNOMED CT: Clinical Terminology

SNOMED CT (Systematized Nomenclature of Medicine – Clinical Terms)

Purpose: Comprehensive clinical terminology for EHR documentation
Scope: >350,000 active concepts covering diagnoses, symptoms, procedures, body structures, organisms, substances
Structure: Hierarchical ontology with relationships
Use Cases: Problem lists, clinical documentation, decision support, quality measurement

SNOMED CT vs. ICD-10:

SNOMED CT: Clinical detail (e.g., "acute anterior wall myocardial infarction")
ICD-10-CM: Billing/coding (e.g., I21.09)
Mapping: SNOMED concepts map to ICD-10 codes for billing

Example SNOMED CT Concepts:

Concept ID	Fully Specified Name	ICD-10-CM Equivalent
44054006	Type 2 diabetes mellitus	E11.9
233604007	Pneumonia	J18.9
38341003	Hypertensive disorder	I10
22298006	Myocardial infarction	I21.9

4. LOINC: Laboratory and Clinical Observations

LOINC (Logical Observation Identifiers Names and Codes)

Purpose: Standardized codes for lab tests, clinical observations, vital signs
Maintained By: Regenstrief Institute
Total Codes: >90,000
Use Cases: Lab orders, results reporting, quality measures

LOINC Structure: Each LOINC code identifies 6 components:

Component: What is being measured (e.g., Glucose)
Property: What aspect (e.g., mass concentration)
Timing: When measured (e.g., random, fasting)
System: Where measured (e.g., blood, urine)
Scale: How reported (e.g., quantitative, ordinal)
Method: How measured (optional)

Example LOINC Codes:

LOINC Code	Component	System	Long Name
2339-0	Glucose	Blood	Glucose [Mass/volume] in Blood
2093-3	Cholesterol	Serum/Plasma	Cholesterol [Mass/volume] in Serum or Plasma
8867-4	Heart rate	-	Heart rate
8480-6	Systolic BP	-	Systolic blood pressure
718-7	Hemoglobin	Blood	Hemoglobin [Mass/volume] in Blood

5. RxNorm: Medication Nomenclature

RxNorm

Purpose: Normalized drug names for clinical systems
Maintained By: National Library of Medicine (NLM)
Structure: Links brand/generic names, ingredients, strengths, dose forms
Use Cases: E-prescribing, medication reconciliation, decision support

RxNorm Hierarchy:

graph TD
    IN[Ingredients IN] --> PIN[Precise Ingredient PIN]
    IN --> DF[Clinical Drug Form DF]
    IN --> COMP[Clinical Drug Component<br/>SCDC/SBDC]
    DF --> SCD[Semantic Clinical Drug SCD]
    DF --> SBD[Semantic Branded Drug SBD]

Example RxNorm Concepts:

RxCUI	Term Type	Name
161	IN (Ingredient)	Acetaminophen
198440	SCD (Clinical Drug)	Acetaminophen 325 MG Oral Tablet
209387	SBD (Branded Drug)	Tylenol 325 MG Oral Tablet
1191	IN	Aspirin
197805	SCD	Aspirin 81 MG Oral Tablet
7052	IN	Metformin
860975	SCD	Metformin 500 MG Oral Tablet

Interoperability Standards

HL7 Version 2.x: Event-Driven Messaging

HL7 v2 has been the backbone of healthcare integration for 30+ years.

Key Characteristics:

Pipe-delimited text format
Event-driven (trigger events)
Widely adopted (nearly universal in hospitals)
Flexible (allows local customization—which is also a weakness)

Common Message Types:

Message Type	Description	Use Case	Example Trigger
ADT (A01-A62)	Admit, Discharge, Transfer	Patient registration, bed management	A01 = Admit patient
ORM (O01)	Order entry	Lab, radiology, pharmacy orders	O01 = General order
ORU (R01)	Observation result	Lab results, vital signs	R01 = Unsolicited observation
SIU (S12-S26)	Scheduling	Appointment scheduling	S12 = New appointment
MDM (T01-T11)	Medical document mgmt	Clinical documents	T02 = Document notification
DFT (P03)	Detailed financial transaction	Charge posting	P03 = Post charge

HL7 v2 Message Structure:

MSH|^~\&|SENDING_APP|SENDING_FAC|RECEIVING_APP|RECEIVING_FAC|20250105120000||ADT^A01|MSG00001|P|2.5
EVN|A01|20250105120000
PID|1||123456789^^^MRN||Doe^John^A||19800101|M|||123 Main St^^Boston^MA^02101
PV1|1|I|ICU^101^1^MAIN|||||||SUR||||||||V123456|||||||||||||||||||||||||20250105100000

Segments Explained:

MSH: Message Header (sending/receiving systems, timestamp, message type)
EVN: Event Type (what triggered the message)
PID: Patient Identification (demographics)
PV1: Patient Visit (location, attending physician, visit number)

Challenges with HL7 v2:

Optionality: Many fields optional, leading to inconsistent implementations
Customization: Local variations ("Z-segments") hinder portability
Complexity: Learning curve for developers
Maintenance: Point-to-point interfaces are brittle

HL7 CDA and C-CDA: Document Exchange

CDA (Clinical Document Architecture)

Format: XML-based
Purpose: Structured clinical documents
Use Cases: Discharge summaries, continuity of care documents, referrals

C-CDA (Consolidated CDA)

Current Version: R2.1
Purpose: Care summaries for transitions of care
Meaningful Use: Required for EHR certification

Common C-CDA Document Types:

Document Type	Purpose	Key Sections
CCD (Continuity of Care Document)	Comprehensive patient summary	Problems, Medications, Allergies, Procedures, Results
Referral Note	Provider-to-specialist referral	Reason for referral, relevant history
Discharge Summary	Hospital discharge to PCP	Admission diagnosis, procedures, discharge meds
Progress Note	Ongoing care documentation	Subjective, Objective, Assessment, Plan (SOAP)
Transfer Summary	Facility-to-facility handoff	Current status, treatment plan, care team

C-CDA Challenges:

Complexity: Verbose XML, difficult to parse
Inconsistency: Optional sections lead to variable quality
Human Readability: Not user-friendly (narrative + structured data)
FHIR Alternative: FHIR is increasingly replacing C-CDA for interoperability

HL7 FHIR: Modern RESTful Standard

FHIR (Fast Healthcare Interoperability Resources) is the future of healthcare data exchange.

Why FHIR Matters:

RESTful API: Web-standard, developer-friendly
Modular Resources: 145+ resources (Patient, Observation, Medication, etc.)
JSON/XML Support: Modern data formats
Extensible: Profiles and Implementation Guides
Regulatory Mandate: ONC requires FHIR for patient data access (21st Century Cures Act)

FHIR Core Resources:

Category	Resources	Use Cases
Administrative	Patient, Practitioner, Organization, Location, Encounter	Patient demographics, provider directories, visit tracking
Clinical	Condition, Observation, Procedure, DiagnosticReport, Medication*	Problem lists, lab results, procedures, medications
Financial	Claim, Coverage, ExplanationOfBenefit	Claims submission, eligibility, EOBs
Workflow	Appointment, Schedule, Task, ServiceRequest	Scheduling, care coordination, orders

FHIR API Interactions:

Operation	HTTP Method	Example	Use Case
Read	GET	GET /Patient/123	Retrieve specific patient
Search	GET	GET /Observation?patient=123&category=laboratory	Query lab results for patient
Create	POST	POST /Appointment	Schedule new appointment
Update	PUT	PUT /Patient/123	Update patient demographics
Delete	DELETE	DELETE /Appointment/456	Cancel appointment

Example FHIR Resource (Patient):

{
  "resourceType": "Patient",
  "id": "example-patient",
  "identifier": [
    {
      "system": "http://hospital.org/mrn",
      "value": "123456789"
    }
  ],
  "name": [
    {
      "use": "official",
      "family": "Doe",
      "given": ["John", "A"]
    }
  ],
  "telecom": [
    {
      "system": "phone",
      "value": "555-1234",
      "use": "home"
    },
    {
      "system": "email",
      "value": "john.doe@example.com"
    }
  ],
  "gender": "male",
  "birthDate": "1980-01-01",
  "address": [
    {
      "use": "home",
      "line": ["123 Main St"],
      "city": "Boston",
      "state": "MA",
      "postalCode": "02101"
    }
  ]
}

FHIR Profiles and Implementation Guides:

Profile/IG	Purpose	Maintained By
US Core	Baseline U.S. interoperability	HL7 / ONC
SMART on FHIR	App authorization and launch	HL7
Bulk Data (Flat FHIR)	Large-scale data export (NDJSON)	HL7
Da Vinci	Payer-provider data exchange	HL7 / CARIN Alliance
mCODE	Minimal Common Oncology Data Elements	ASCO / MITRE

DICOM: Imaging Standard

DICOM (Digital Imaging and Communications in Medicine)

Purpose: Medical imaging format and communication protocol
Scope: Radiology, cardiology, pathology, ophthalmology
Components:
- File Format: Image data + metadata (patient, study, series)
- Network Protocol: DIMSE (DICOM Message Service Element)
- Workflow: Modality Worklist, storage, query/retrieve

DICOM Entities:

Entity	Description	Examples
Modality	Imaging device	CT scanner, MRI, X-ray, ultrasound
PACS (Picture Archiving and Communication System)	Central image repository	GE Centricity, Agfa, Philips
Worklist	Exam scheduling system	RIS (Radiology Information System)
Viewer	Image display application	Radiologist workstation, physician portal

DICOM Integration Workflow:

graph LR
    RIS["RIS<br/>(Worklist)"]
    MOD["Modality<br/>(Scanner)"]
    PACS["PACS<br/>(Archive)"]
    VIEW["Viewer<br/>(Display)"]

    RIS -->|MWL| MOD
    MOD -->|MPPS| RIS
    MOD -->|Store| PACS
    PACS -->|Query| VIEW

DICOM Challenges:

Large File Sizes: Images can be gigabytes (e.g., 3D CT scans)
Network Bandwidth: Requires high-speed connections
Storage: Long-term archival and compliance (often 7-10 years)
Security: Sensitive images require encryption and access controls

X12 EDI: Financial Transactions

EDI (Electronic Data Interchange) X12 is the standard for payer-provider transactions.

Common X12 Transaction Sets:

Transaction	Name	Direction	Purpose
270/271	Eligibility Inquiry/Response	Provider → Payer → Provider	Check insurance eligibility
837	Healthcare Claim	Provider → Payer	Submit claim for reimbursement
835	Remittance Advice	Payer → Provider	Explain payment/denial
278	Prior Authorization	Provider ↔ Payer	Request/respond to prior auth
834	Benefit Enrollment	Employer/Payer → Payer	Enroll members in plans
999/997	Functional Acknowledgment	Receiver → Sender	Confirm receipt of transaction

EDI Workflow Example (Claims Processing):

graph TD
    PROV["Provider<br/>(Billing)"]
    CLR["Clearinghouse<br/>(Validator)"]
    PAY["Payer<br/>(Processor)"]

    PROV -->|837| CLR
    CLR -->|837| PAY
    PAY -->|999| CLR
    CLR -->|999| PROV
    PAY -->|835| PROV

Example 837 Claim Elements:

Patient demographics (name, DOB, address, subscriber ID)
Provider information (NPI, taxonomy, address)
Diagnosis codes (ICD-10-CM)
Procedure codes (CPT/HCPCS)
Charges (line-item billing)

EDI Implementation Considerations:

Clearinghouses: Intermediaries that validate and route claims (Change Healthcare, Waystar)
HIPAA Compliance: Required for covered entities
Testing: Use test payers before production
Error Handling: 835 remittance contains denial reasons

NCPDP: Pharmacy Transactions

NCPDP (National Council for Prescription Drug Programs)

Purpose: Pharmacy claims, e-prescribing, medication history
Formats:
- SCRIPT: E-prescribing (Surescripts network)
- Telecommunication Standard: Pharmacy claims at point-of-sale
- Batch Standard: Pharmacy claims submission

E-Prescribing Workflow (NCPDP SCRIPT):

graph LR
    PRESC["Prescriber<br/>(EHR)"]
    SURE["Surescripts<br/>Network"]
    PHARM["Pharmacy<br/>(Rx)"]

    PRESC -->|Script| SURE
    SURE -->|Script| PHARM
    PHARM -->|Status| SURE
    SURE -->|Status| PRESC

Compliance and Privacy Frameworks

HIPAA and HITECH

HIPAA (Health Insurance Portability and Accountability Act)

Privacy Rule: Governs use/disclosure of PHI
Security Rule: Safeguards for ePHI (encryption, access control, audit logs)
Breach Notification Rule: Report breaches affecting >500 individuals

HITECH (Health Information Technology for Economic and Clinical Health Act)

Meaningful Use: Incentives for EHR adoption
Breach Penalties: Increased fines for HIPAA violations
Patient Rights: Access to electronic health records

Key HIPAA Requirements for IT:

Requirement	Standard	Implementation
Encryption	Addressable	Encrypt PHI at rest (AES-256) and in transit (TLS 1.2+)
Access Control	Required	Role-based access (RBAC), unique user IDs, automatic logoff
Audit Logs	Required	Log all PHI access (who, what, when), retain 6+ years
Business Associate Agreements (BAAs)	Required	Contracts with vendors handling PHI
Risk Assessments	Required	Annual security risk analysis

42 CFR Part 2: Substance Use Disorder Records

42 CFR Part 2 provides extra protections for substance use disorder (SUD) treatment records.

Key Differences from HIPAA:

Stricter Consent: Explicit patient consent required for most disclosures
Prohibition on Redisclosure: Recipients cannot further share without consent
Segmentation: SUD records often segregated from general EHR

IT Implications:

Consent Management: Systems must track granular consent directives
Data Segmentation for Privacy (DS4P): Separate SUD data in EHR

GDPR (For Multinational Operations)

GDPR (General Data Protection Regulation) applies to EU residents' data.

Key GDPR Concepts:

Right to Access: Patients can request data copy
Right to Erasure ("Right to Be Forgotten"): Delete data upon request
Data Portability: Export data in machine-readable format
Consent: Must be freely given, specific, informed

FHIR Deep Dive: Building Interoperability

FHIR Resources in Practice

Common FHIR Resource Patterns:

Patient Resource

{
  "resourceType": "Patient",
  "identifier": [{"system": "http://hospital.org/mrn", "value": "12345"}],
  "name": [{"family": "Smith", "given": ["Jane"]}],
  "birthDate": "1985-05-15",
  "gender": "female"
}

Observation Resource (Lab Result)

{
  "resourceType": "Observation",
  "status": "final",
  "category": [{"coding": [{"system": "http://terminology.hl7.org/CodeSystem/observation-category", "code": "laboratory"}]}],
  "code": {"coding": [{"system": "http://loinc.org", "code": "2339-0", "display": "Glucose"}]},
  "subject": {"reference": "Patient/12345"},
  "effectiveDateTime": "2025-01-05T08:30:00Z",
  "valueQuantity": {"value": 95, "unit": "mg/dL", "system": "http://unitsofmeasure.org", "code": "mg/dL"}
}

MedicationRequest Resource (Prescription)

{
  "resourceType": "MedicationRequest",
  "status": "active",
  "intent": "order",
  "medicationCodeableConcept": {"coding": [{"system": "http://www.nlm.nih.gov/research/umls/rxnorm", "code": "860975", "display": "Metformin 500 MG Oral Tablet"}]},
  "subject": {"reference": "Patient/12345"},
  "dosageInstruction": [{"text": "Take 1 tablet by mouth twice daily with meals", "timing": {"repeat": {"frequency": 2, "period": 1, "periodUnit": "d"}}}]
}

FHIR Implementation Guides (IGs)

US Core Implementation Guide

Purpose: Define minimum FHIR conformance for U.S. interoperability
Profiles: US Core Patient, US Core Observation, US Core MedicationRequest
Mandates: ONC certification requires US Core support
Search Parameters: Define required search capabilities

Example US Core Search:

GET /Observation?patient=12345&category=laboratory&date=ge2024-01-01

SMART on FHIR

Purpose: Launch FHIR apps from EHRs with OAuth2 authorization
Use Cases: Patient portals, clinical decision support apps, population health tools
Scopes: patient/.read, user/.write, launch/patient

Bulk Data API (Flat FHIR)

Purpose: Export large datasets (millions of records) for analytics
Format: NDJSON (newline-delimited JSON)
Use Cases: Population health, research, payer data exchange
Workflow:
1. Kick-off: POST /$export
2. Status Check: Poll status endpoint
3. Download: Retrieve NDJSON files from cloud storage

Terminology Mapping and Management

Vocabulary Mapping Challenges

Healthcare systems often need to map between code sets:

Source	Target	Use Case	Challenge
SNOMED CT	ICD-10-CM	Clinical documentation → billing	One-to-many mappings, loss of specificity
Local Lab Codes	LOINC	Proprietary codes → standardized reporting	Manual mapping required
Brand Names	RxNorm	Prescription entry → normalized medication	Multiple brands for same ingredient
HL7 v2 Codes	FHIR ValueSets	Legacy integration → modern APIs	Custom z-segments, local codes

Terminology Services

Terminology Service Functions:

Code Lookup: Retrieve code details (description, hierarchy)
Validation: Verify code exists in value set
Mapping: Translate between code systems (SNOMED → ICD-10)
Subsumption: Determine if code is a type of another (e.g., "Type 2 diabetes" subsumes "Type 2 diabetes with retinopathy")
Expansion: Generate all codes in a value set

Popular Terminology Services:

NLM VSAC (Value Set Authority Center): CMS, ONC value sets
SNOMED International Browser
Apelon DTS
Custom FHIR Terminology Service (HAPI FHIR server)

Implementation Checklist for IT Teams

When starting a healthcare integration project, ensure:

✅ Standards Selection

Identify required standards based on use case (clinical, financial, regulatory)
Confirm versions (e.g., HL7 v2.5.1, FHIR R4, ICD-10-CM 2025)
Understand payer/regulatory mandates (e.g., CMS requires X12 5010, FHIR for patient access)

✅ Terminology Management

Define canonical vocabularies (ICD-10, SNOMED, LOINC, RxNorm)
Establish terminology service (for lookups, validation, mapping)
Plan for annual code set updates (ICD-10 in October, CPT in January)
Document local code extensions (z-segments, custom terminologies)

✅ Data Governance

Create data dictionary mapping internal fields to standards
Define data quality rules (required fields, valid code sets)
Establish master data management (patient, provider, payer, location)
Implement consent management for data sharing

✅ Testing and Validation

Use test harnesses (NIST validators, Inferno for FHIR)
Generate sample messages for each standard
Perform conformance testing with vendors
Validate against Implementation Guides (US Core, Da Vinci, etc.)

✅ Security and Compliance

Implement HIPAA-compliant encryption (TLS 1.2+, AES-256)
Establish audit logging for PHI access
Execute Business Associate Agreements (BAAs) with vendors
Conduct annual HIPAA risk assessments

Conclusion

Healthcare standards and terminology are the foundation of interoperability, compliance, and patient safety. While the landscape is complex—with overlapping clinical, financial, and administrative standards—mastering these concepts is essential for successful healthcare IT implementations.

Key Takeaways:

Precision matters: A single incorrect code can cause claim denials or patient harm
Standards evolve: Stay current with annual updates (ICD-10, CPT) and emerging standards (FHIR)
Interoperability is multi-layered: Clinical (FHIR, HL7 v2), financial (X12), imaging (DICOM) all coexist
Terminology services are critical: Don't hardcode mappings; use services for flexibility
Compliance is non-negotiable: HIPAA, 42 CFR Part 2, state laws require careful implementation

In the next chapter, we'll explore the regulatory landscape in detail, covering HIPAA enforcement, FDA oversight of medical software, and the evolving role of CMS and ONC in driving interoperability.

Next Chapter: Chapter 3: Regulatory Landscape in North America