Appendix A: Glossary
Audit trail: Information concerning the history of an electronic document, often including details of insertions, deletions, or other alterations to the data as well as details of access to the data.
Agent/affiliate: An individual to whom the responsibilities of a health information custodian can be delegated. In a hospital setting, physicians, nurses, and other clinical care providers are often considered to be an agent or affiliate of the custodian hospital or regional health authority. In a physician’s office, an office assistant and other staff members who are required to access the medical records for business or clinical purposes often do so as an agent of the custodian physician. Despite being an affiliate of the hospital or regional health authority that has legal custodianship over the record, a physician will generally be subject to similar obligations regarding the protection of patients’ personal health information.
Core data set: A subset of health-related information required for treatment of a patient which is created for the purpose of sharing specific data between healthcare professionals. (Also referred to as “clinical data set, “client data set,” “continuity of care record,” “electronic medical summary,” “shareable patient health profile,” “cumulative patient profile,” and “master patient index.”)
Custodianship (of eRecords): Duties associated with collecting, using, and disclosing information (in an eRecord).
Data integrity: Preservation of information so that it remains unaltered and is authentic.
Data sharing agreement: An agreement between a healthcare provider, or a group thereof, on the one hand, and an institution, health authority, or service provider on the other hand, that sets out the terms for the sharing of electronic health information.
Data stewardship: Responsibility for the appropriate management and protection of the data contained in an eRecord.
Digital signature: A secure form of electronic signature where the identity of the signatory and the authenticity and integrity of the document can be verified (e.g. a digitized image of a manual signature entered via a digital signature pad, use of a digital signature certificate with a private key).
Electronic health record (EHR): A compilation of core health data submitted by various healthcare providers and organizations, accessible by numerous authorized parties from a number of points of care, possibly even from different jurisdictions.
Electronic medical record (EMR): An electronic version of the paper record that doctors have traditionally maintained for their patients and which is typically only accessible within the facility or office that controls it. A “simple EMR,” which refers most often to an electronic record created and maintained by a single physician in an office-based practice, must be distinguished from a “shared EMR“ (see below) or “EHR“ (see above).
eRecords: Term used to refer to both EMRs and EHRs.
Electronic signature: Refers to a wide variety of non-manual signature options, including digital signatures. It is commonly defined as electronic data created or adopted by a person to sign a document. The data is then attached to or associated with the document.
Encryption: The process of transforming information into a form that is unintelligible to those not possessing the required knowledge or authorization to decrypt it, such as a muddled stream of seemingly random symbols.
Inter-physician agreement: An agreement between physicians, such as in the context of a group of physicians or as part of a physician organization, dealing with how the information contributed to a shared EMR will be managed.
Licence: A legal agreement governing the use and distribution of copyright-protected software, including imposing restrictions on who can use the software and the legal obligations on the software designers and end users.
Lockbox: A security feature that allows access to a patient’s personal health information, or portions thereof, to be restricted to certain users at the specific request of the patient. (Often used interchangeably with the concept of a “masking,” below.)
Masking: The concealing of a patient’s personal health information, or portions thereof, at the specific request of the patient in order to limit or control the information that is disclosed to other healthcare providers. (Often used interchangeably with the concept of a “lockbox,” above.)
Metadata: Electronic background information generated in the course of creating and maintaining an electronic record e.g. dates and times of insertions/ deletions, details of user access.
Privacy audit: A periodic review and assessment of privacy controls to ensure their effectiveness.
Optical character recognition (OCR): A technology process that converts an image of handwritten or typewritten text into machine editable text that can be changed, searched, or otherwise manipulated.
Ownership (of eRecords): The concept of legal custody and control of an eRecord system and the data within it, even though a number of users may have rights to contribute and draw information from it.
Patient health record (PHR): (also referred to as “personal health record”): An electronic record typically created and maintained by the patient, sometimes using a third-party online service. Unlike eRecords, which are typically created and maintained by a healthcare professional or facility, the term PHR commonly refers to a compilation of information personally gathered and maintained by patients regarding their health. The patient controls access and information inputted into the PHR.
Privacy impact assessment: A risk management process by which actual and potential privacy risks associated with implementing an information system are identified.
Portable data storage device: Any portable electronic device that allows the storage of data such as a laptop, mobile phone, personal digital assistant (PDA), USB flash drive/memory stick, or portable hard drive.
Secondary use: The use of personal health information for purposes other than the provision of healthcare, for example, for research or health system planning.
Shared EMR: A centralized electronic medical record of a patient that permits a number of users (e.g. treating physicians, other healthcare providers, information managers, etc.) to access all or a portion of the record.