5 exercises on healthcare IT terms — standards, codes, and privacy.
1 / 5
What is FHIR?
FHIR (Fast Healthcare Interoperability Resources) is a standard from HL7 for exchanging electronic health information. It models clinical and administrative data as modular resources — Patient, Observation, Medication, Encounter — each with a defined structure and exchanged over a RESTful API using JSON or XML. FHIR was designed to be developer-friendly and web-native, making it far easier to build apps against than older formats. It supports profiles to constrain resources for specific use cases and underpins modern interoperability initiatives like SMART on FHIR.
2 / 5
What is HL7?
HL7 (Health Level Seven) refers both to the standards-development organization and to its family of messaging standards for exchanging healthcare information between systems. The classic HL7 v2 uses pipe-and-hat delimited messages (segments like MSH, PID) and remains extremely common in hospitals for events like admissions and lab results. HL7 also produced the XML-based v3 and CDA documents, and most recently FHIR. The "Level Seven" name refers to the application layer (layer 7) of the OSI networking model.
3 / 5
What is ICD-10?
ICD-10 is the tenth revision of the International Classification of Diseases, maintained by the World Health Organization. It provides a standardized system of alphanumeric codes (for example E11.9 for type 2 diabetes without complications) used to classify diagnoses, symptoms, and procedures. ICD codes drive clinical documentation, epidemiological statistics, and especially medical billing and insurance reimbursement. The granularity of ICD-10 — tens of thousands of codes — allows precise reporting but also makes accurate coding a specialized skill in health IT systems.
4 / 5
What is HIPAA?
HIPAA (Health Insurance Portability and Accountability Act) is a US federal law that, among other things, establishes national standards for protecting patient health data. Its Privacy Rule governs how protected health information may be used and disclosed, while its Security Rule mandates administrative, physical, and technical safeguards (access controls, encryption, audit logs) for electronic PHI. Organizations that handle PHI — covered entities and their business associates — face significant penalties for breaches. HIPAA compliance is a foundational requirement for any software touching US healthcare data.
5 / 5
What are PHI and de-identification?
PHI (Protected Health Information) is any individually identifiable health information — names, dates, medical record numbers, diagnoses tied to a person — that HIPAA protects. De-identification is the process of removing or obscuring those identifiers so the data can no longer reasonably be linked to an individual, at which point it falls outside HIPAA restrictions and can be used for research or analytics. HIPAA recognizes two methods: Safe Harbor (removing 18 specified identifier types) and Expert Determination (a statistician certifies re-identification risk is very small).