Common Healthcare Compliance Abbreviations
ACO Accountable Care Organizations are groups of doctors, hospitals, and other health care providers, who come together voluntarily to give coordinated high-quality care to their Medicare patients.
BAA Business Associate Agreement, under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), a BAA is a contract between a covered entity (CE) and business associate (BA) to ensure protected health information (PHI) is properly safeguarded in accordance with HIPAA.
CMP Civil Monetary Penalty, the Office of Inspector General (OIG) has the authority to seek civil monetary penalties (CMP), assessments, and exclusion against an individual or entity based on a wide variety of prohibited conduct.
DRP Disaster Recovery Plan is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.
EHR / EMR (often used interchangeably) Electronic Health Record / Electronic Medical Record.
FMLA Family and Medical Leave Act entitles eligible employees of covered employers to take unpaid, job-protected leave for specified family and medical reasons with continuation of group health insurance coverage under the same terms and conditions as if the employee had not taken leave.
GHS Globally Harmonized System of Classification and Labeling of Chemicals. The GHS provides a single set of harmonized criteria for classifying chemicals according to their health and physical hazards and specifies hazard communication elements for labeling and safety data sheets (SDS). Under the GHS, labels include signal words, pictograms, and hazard and precautionary statements and safety data sheets would have a standardized format.
HITECH The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, was signed into law on February 17, 2009, to promote the adoption and meaningful use of health information technology.
ICD-10 International Classification of Diseases, Tenth Edition. When we hear "ICD-10" in the United States, it usually refers to the U.S. clinical modification of ICD-10: ICD-10-CM.
JCAHCO Joint Commission on Accreditation of Health Care Organization is an independent, not-for-profit organization that certifies nearly 21,000 health care organizations and programs in the United States.
KPI Key Performance Indicator is a business metric used to evaluate factors that are crucial to the success of an organization. In other words, to determine if a company is achieving key business objectives.
LEIE -List of Excluded Individuals and Entities, Medicare Advantage plan sponsors are required to ensure that all FDRs (first-tier, downstream, and related entities) are screening all employees/vendors/subcontractors against the DHHS (Department of Health and Human Services) OIG List of Excluded Individuals and Entities (LEIE)prior to hiring or contracting and then recheck monthly thereafter.
MU Meaningful Use is using certified electronic health record (EHR) technology to accomplish the following: Improve quality, safety, efficiency, and reduce health disparities. Engage patients and family. Improve care coordination, and population and public health. And to maintain the privacy and security of patient health information.
NPP Notice of Privacy Practices, the HIPAA Privacy Rule requires health plans and covered health care providers to develop and distribute a notice that provides a clear, user-friendly explanation of individuals rights with respect to their personal health information and the privacy practices of health plans and health care providers.
OCR Office of Civil Rights is an organization within the U.S. Department of Health & Human Services (HHS) that investigates health information privacy and patient safety confidentiality complaints to decide if a discriminatory act or a violation of law has occurred and takes action to resolved issues identified during the investigation process.
PQRS Physician Quality Reporting System is a quality reporting program that encourages individual eligible professionals (EPs) and group practices to report information on the quality of care to Medicare.
QAPI Quality Assurance (QA) and Performance Improvement (PI) is the merger of two complementary approaches to quality
RAC created by Congress, the Recovery Audit (RAC) program helps CMS identify proper payments made by Medicare and Medicaid.
SRA Security Risk Analysis. In accordance with 45 CFR 164.308(a)(1), the purpose of the SRA is to have a corrective action plan in place to address deficiencies, then to document any updates and improvements that were made as part of your subsequent SRA submission.
TPO Treatment, Payment, and Healthcare Operations. The HIPAA Privacy Rule permits a covered entity may, without the individual's authorization, to use or disclose protected health information for its own treatment, payment, and health care operations activities.