The Practice Glossary.
331 plain-English definitions for the billing, coding, HIPAA, compliance, and payer terminology a small medical practice actually deals with. Every entry links to the HHS, OCR, CMS, eCFR, or NIST source we cited — no marketing claims, no fabricated stats.
0–9
7 terms- Read more →
270/271 Eligibility Inquiry/Response
The HIPAA standard EDI transactions used to verify patient insurance eligibility (270 query, 271 response).
- Read more →
340B Drug Pricing
HRSA-administered drug-discount program that lets eligible safety-net providers buy outpatient drugs at reduced prices.
- Read more →
42 CFR Part 2 (SUD Records)
Federal regulation providing heightened confidentiality protection for substance use disorder treatment records.
- Read more →
60-Day Overpayment Rule
ACA requirement that Medicare and Medicaid overpayments be reported and returned within 60 days of identification.
- Read more →
835 Electronic Remittance Advice (ERA)
The HIPAA-mandated electronic transaction by which payers communicate payment and adjustment information to providers.
- Read more →
837 Electronic Claim
The HIPAA-mandated electronic transaction for submitting professional (837P), institutional (837I), or dental (837D) claims.
- Read more →
99214 vs 99215
The two most common established-patient office E/M levels; 99214 represents moderate complexity and 99215 high complexity.
A
20 terms- Read more →
ABN (Advance Beneficiary Notice of Non-coverage)
A standardized notice (CMS-R-131) given to Medicare fee-for-service beneficiaries before furnishing a service Medicare may not cover.
- Read more →
ACA Marketplace Plan
Health plans sold through the federal or state-based health insurance marketplaces under the Affordable Care Act.
- Read more →
Access Controls
Technical policies and procedures that allow only authorized persons or software programs to access ePHI.
- Read more →
Accountable Care Organization (ACO)
A group of providers that takes accountability for the quality, cost, and overall care of a defined patient population.
- Read more →
Accounting of Disclosures
The HIPAA right of an individual to receive a list of disclosures of their PHI made by a covered entity over the prior six years.
- Read more →
Addendum to Medical Record
A signed and dated note added to a medical record after the original encounter to clarify or supplement documentation.
- Read more →
Administrative Safeguards
Policies and procedures designed to manage the selection, development, implementation, and maintenance of security measures protecting ePHI.
- Read more →
Advance Care Planning
Discussion and documentation of patient's goals, values, and preferences for future medical care; billable under CPT 99497 and 99498.
- Read more →
Advance Explanation of Benefits (AEOB)
Under the No Surprises Act, the advance benefit statement that insurers must provide to insured patients before scheduled services (implementation deferred).
- Read more →
Advanced APM
An Alternative Payment Model that meets QPP criteria (including downside risk) and qualifies participating clinicians for a 5% lump-sum incentive payment.
- Read more →
ALJ Hearing
The third level of the Medicare claims appeal process, before an Administrative Law Judge at OMHA.
- Read more →
Amendment of PHI
The HIPAA right of an individual to request that a covered entity amend PHI in a designated record set.
- Read more →
Anesthesia Modifiers (QY, QK, AD, AA)
HCPCS modifiers identifying the anesthesia care team's involvement in a procedure.
- Read more →
Annual Wellness Visit (AWV)
A Medicare-covered preventive visit (G0438 initial, G0439 subsequent) focused on personalized prevention plans.
- Read more →
Anti-Kickback Statute (AKS)
Federal criminal statute (42 USC 1320a-7b(b)) that prohibits offering, paying, soliciting, or receiving remuneration to induce or reward referrals for items or services payable by federal health programs.
- Read more →
Appeal Letter
The written request to a payer to reconsider a denied or partially-paid claim.
- Read more →
Audio-Only Telehealth
Telehealth services delivered via telephone or other audio-only technology, without a video component.
- Read more →
Audit Defense
The organized process of preparing for and responding to a payer or government audit.
- Read more →
Audit Log
A record of system activity (logins, record access, configuration changes) that can be reviewed to detect inappropriate access or system compromise.
- Read more →
Authorization for Disclosure
A written authorization signed by the individual permitting a covered entity to use or disclose PHI for a purpose not otherwise permitted by the Privacy Rule.
B
6 terms- Read more →
BAA (Business Associate Agreement)
A written contract required between a covered entity and any vendor that creates, receives, maintains, or transmits PHI on its behalf.
- Read more →
Backup and Recovery
Procedures to create and maintain retrievable exact copies of ePHI and to restore data and systems after a disruption.
- Read more →
Breach of Unsecured PHI
An impermissible use or disclosure of PHI that is presumed to be a breach unless a four-factor risk assessment shows a low probability that PHI was compromised.
- Read more →
Business Associate
A person or entity that performs functions or activities on behalf of, or provides services to, a covered entity that involve the use or disclosure of PHI.
- Read more →
Business Continuity Plan (BCP)
The plan that enables continued business operations during and after a disruption.
- Read more →
BYOD (Bring Your Own Device)
The practice of allowing workforce members to use personally-owned devices to access organizational information systems.
C
37 terms- Read more →
CAQH Credentialing
The CAQH ProView database used by most commercial payers to credential providers.
- Read more →
CARC (Claim Adjustment Reason Code)
X12-maintained codes communicating why a claim or service line was paid differently than billed.
- Read more →
Cardiac Stress Test (93015-93018)
CPT codes for cardiac stress testing, with separate codes for the global service, supervision, and interpretation.
- Read more →
CEHRT
Certified Electronic Health Record Technology — EHR software certified by ONC to meet specific functional and interoperability criteria.
- Read more →
CERT (Comprehensive Error Rate Testing)
The CMS program that measures the Medicare fee-for-service improper payment rate.
- Read more →
Charge Capture
The process of identifying and recording every billable service furnished during a patient encounter.
- Read more →
Charity Care Policy
Written policy describing how a hospital or health system provides free or discounted care to patients meeting financial eligibility criteria; required for 501(c)(3) nonprofit hospitals under IRC 501(r).
- Read more →
CHIP (Children's Health Insurance Program)
State-administered federal program providing health coverage to children in families with incomes too high for Medicaid but too low for private coverage.
- Read more →
Chronic Care Management (CCM)
Care management services for Medicare beneficiaries with two or more chronic conditions; billed monthly under CPT 99490 and related codes.
- Read more →
Civil Monetary Penalties
Administrative penalties HHS-OIG may impose on healthcare providers for various violations including HIPAA breaches, kickbacks, and billing for excluded individuals.
- Read more →
Clean Claim Rate
Percentage of claims accepted by the payer on first submission without edits or rejections.
- Read more →
Clearinghouse
An entity that translates electronic transactions between providers and payers and applies front-end edits to reduce rejected claims.
- Read more →
CLIA (Clinical Laboratory Improvement Amendments)
Federal regulations applicable to all U.S. facilities or sites that test human specimens for health assessment or to diagnose, prevent, or treat disease.
- Read more →
CMS-855 (Medicare Enrollment Application)
Family of Medicare enrollment applications: 855A (institutional), 855B (group), 855I (individual), 855O (ordering/referring), 855R (reassignment).
- Read more →
CO (Contractual Obligation)
An X12 adjustment group code indicating the patient is not responsible because the amount is a contractual write-off.
- Read more →
CO-109 (Claim Not Covered by Payer)
Contractual Obligation 109 — the claim is not covered by this payer/contractor.
- Read more →
CO-16 (Claim Lacks Information)
Contractual Obligation 16 — the claim or service line lacks information or has submission/billing errors.
- Read more →
CO-18 (Duplicate Claim)
Contractual Obligation 18 — exact duplicate of another claim.
- Read more →
CO-204 (Service Not Covered)
Contractual Obligation 204 — this service/equipment/drug is not covered under the patient's current benefit plan.
- Read more →
CO-29 (Time Limit for Filing Expired)
Contractual Obligation 29 — the time limit for filing has expired.
- Read more →
CO-50 (Non-Covered Services / Not Medically Necessary)
Contractual Obligation 50 — payer determines the services were not deemed medical necessity by the payer.
- Read more →
CO-97 (Service Included in Another Service)
Contractual Obligation 97 — the benefit for this service is included in the payment for another service.
- Read more →
Code on Dental Procedures
The ADA-maintained Code on Dental Procedures and Nomenclature used in dental claims.
- Read more →
Collaborative Care Model (CoCM)
Integrated primary-care behavioral-health model billable under CPT 99492-99494 and HCPCS G2214.
- Read more →
Colonoscopy Modifier 33 (Preventive)
CPT modifier indicating a preventive service furnished under an ACA-required coverage benefit, waiving patient cost-sharing.
- Read more →
Compliance Hotline
A confidential reporting channel for workforce members and others to report suspected compliance concerns.
- Read more →
Compliance Officer
The designated individual responsible for operating the practice's compliance program.
- Read more →
Contingency Plan
The HIPAA-required plan covering data backup, disaster recovery, and emergency-mode operation when normal operations are disrupted.
- Read more →
Controlled Substances Act
Federal statute (21 USC 801 et seq.) regulating the manufacture, distribution, and dispensing of controlled substances.
- Read more →
Conversion Factor
The dollar value multiplied by the geographically-adjusted Relative Value Unit to determine the Medicare-allowable amount for a service.
- Read more →
Coordination of Benefits (COB)
The rules and processes that determine which of two or more insurance plans pays first when a patient is covered by multiple plans.
- Read more →
Corrective Action Plan (CAP)
A documented plan describing steps to address identified compliance deficiencies, the owners, timelines, and monitoring.
- Read more →
Covered Entity
A health plan, health care clearinghouse, or health care provider that transmits health information in electronic form in connection with a HIPAA transaction.
- Read more →
CPT (Current Procedural Terminology)
The AMA-maintained code set that describes medical, surgical, and diagnostic services for billing.
- Read more →
CPT Category III Codes
Temporary CPT codes (xxxxT) for emerging technology, services, and procedures.
- Read more →
Credentialing
The process by which a payer verifies a provider's qualifications and grants participation in the network.
- Read more →
Critical Care (99291-99292)
CPT codes for evaluation and management of a critically ill or critically injured patient, time-based.
D
15 terms- Read more →
Data Use Agreement (DUA)
A written agreement required for disclosing a Limited Data Set, restricting the recipient's use and requiring safeguards.
- Read more →
Days in Accounts Receivable
Average number of days from claim submission to payment, calculated as (total A/R) ÷ (average daily charges).
- Read more →
De-identification
The process of removing identifiers from PHI such that the resulting information is not individually identifiable health information.
- Read more →
Deactivation
Removal of a provider from Medicare's enrollment file, typically for failing to revalidate, billing inactivity, or final adverse action.
- Read more →
Denial Management
The end-to-end workflow of identifying, categorizing, appealing, and preventing claim denials.
- Read more →
Dental CDT Codes
The American Dental Association's Code on Dental Procedures and Nomenclature used to bill dental services.
- Read more →
Designated Health Service (DHS)
Categories of services subject to the physician self-referral prohibition under the Stark Law.
- Read more →
Designated Record Set
The group of records maintained by or for a covered entity that contains PHI used to make decisions about individuals.
- Read more →
Disaster Recovery Plan (DRP)
The portion of the contingency plan that addresses restoration of IT systems and ePHI after a disruptive event.
- Read more →
Distant Site
Under Medicare telehealth rules, the location of the practitioner delivering the telehealth service.
- Read more →
DMEPOS (Durable Medical Equipment, Prosthetics, Orthotics, and Supplies)
Equipment and supplies that can withstand repeated use, are used for a medical purpose, and are appropriate for use in the home.
- Read more →
DMEPOS Competitive Bidding
CMS program that uses competitive bidding to set DMEPOS payment amounts in defined Competitive Bidding Areas.
- Read more →
Documentation Cloning
The practice of copying prior or template-generated documentation into a new encounter note without updating it for the current visit.
- Read more →
Documentation Specificity
The level of detail in clinical documentation needed to support the diagnosis and service codes reported.
- Read more →
Dual-Eligible
An individual enrolled in both Medicare and Medicaid.
E
11 terms- Read more →
E-Prescribing of Controlled Substances (EPCS)
DEA-regulated electronic prescribing of Schedule II-V controlled substances.
- Read more →
E/M Coding
Evaluation and Management codes (99202-99499) used to bill office, hospital, and other professional visits.
- Read more →
Echocardiography Codes (93303-93356)
CPT codes for transthoracic, transesophageal, and stress echocardiography studies.
- Read more →
EFT (Electronic Funds Transfer)
The HIPAA-mandated electronic payment transaction that moves funds from payer to provider, paired with the 835 remittance.
- Read more →
EHI (Electronic Health Information)
Electronic protected health information to the extent that it would be included in a designated record set, plus other identifying health information held by an actor.
- Read more →
Email Encryption Gateway
A system that automatically encrypts outbound email containing PHI based on content rules or recipient address.
- Read more →
EMTALA
Federal statute (42 USC 1395dd) requiring hospitals participating in Medicare with emergency departments to provide a medical screening exam and stabilizing treatment regardless of ability to pay.
- Read more →
Encryption at Rest
Cryptographic protection of stored ePHI such that the data is unreadable without the decryption key.
- Read more →
Encryption in Transit
Cryptographic protection of ePHI moving between systems or networks, typically via TLS.
- Read more →
ePHI (Electronic Protected Health Information)
PHI that is created, received, maintained, or transmitted in electronic form.
- Read more →
Extrapolation
The statistical projection of overpayment findings from a sample of claims to a larger universe of claims, used in many Medicare audits.
F
10 terms- Read more →
Facility Access Controls
Physical safeguards controlling who can enter facilities containing ePHI.
- Read more →
Facility Fee
A charge billed by a hospital or facility for the institutional resources used in providing a service, separate from the professional fee.
- Read more →
False Claims Act
Federal statute (31 USC 3729-3733) that imposes liability on persons and companies who defraud federal programs.
- Read more →
FHIR (Fast Healthcare Interoperability Resources)
HL7 standard for exchanging healthcare data electronically through RESTful APIs and structured resources.
- Read more →
FMV (Fair Market Value)
Compensation, rent, or payment terms that reflect what would be paid in an arm's-length transaction.
- Read more →
Formulary
A health plan's list of covered drugs, typically organized by tier with associated cost-sharing.
- Read more →
Four-Factor Breach Risk Assessment
The four-factor analysis at 45 CFR 164.402 used to determine whether an impermissible use or disclosure of PHI is a reportable breach.
- Read more →
FPL (Federal Poverty Level)
Annual income thresholds published by HHS used to determine eligibility for federal programs.
- Read more →
FQHC (Federally Qualified Health Center)
A community-based safety-net provider that meets requirements at section 1861(aa) of the Social Security Act and receives prospective payment from Medicare and enhanced reimbursement from Medicaid.
- Read more →
FTC Health Breach Notification Rule
FTC rule (16 CFR Part 318) requiring vendors of personal health records and related entities (not HIPAA-covered) to notify affected individuals and FTC after a breach of unsecured PHR identifiable health information.
G
9 terms- Read more →
G-Code
HCPCS Level II codes (G0000-G9999) for procedures and services that do not have CPT codes — primarily Medicare temporary or Medicare-specific services.
- Read more →
G0463 (Hospital Outpatient Clinic Visit)
HCPCS code billed by hospital outpatient departments for clinic visits, replacing the E/M codes when furnished in POS 22.
- Read more →
G2211 (Visit Complexity Add-on)
Medicare HCPCS add-on code recognizing the visit complexity inherent to evaluation and management services associated with primary care and certain longitudinal care.
- Read more →
GA Modifier
HCPCS modifier indicating an Advance Beneficiary Notice of Non-coverage (ABN) was issued and is on file.
- Read more →
Geographic Practice Cost Index (GPCI)
Geographic adjusters applied to each RVU component to reflect local cost variation in physician work, practice expense, and malpractice.
- Read more →
Global Period
The period of time during which the payer considers most related preoperative and postoperative services bundled into the surgical fee.
- Read more →
Good Faith Estimate (GFE)
Under the No Surprises Act, the written estimate of expected charges providers must give to uninsured and self-pay patients prior to scheduled services.
- Read more →
Group Practice (Stark)
A defined-term group of physicians who share specific operational characteristics making them eligible for certain Stark Law exceptions.
- Read more →
GZ Modifier
HCPCS modifier indicating an ABN was not issued for a service Medicare is expected to deny as not reasonable and necessary.
H
14 terms- Read more →
HCC (Hierarchical Condition Category)
The CMS risk-adjustment model that groups ICD-10 codes into categories used to predict the cost of care for Medicare Advantage enrollees.
- Read more →
HCPCS Level II
The CMS-maintained code set covering products, supplies, and services not included in CPT — primarily durable medical equipment, drugs, and Medicare-specific services.
- Read more →
Health Information Exchange (HIE)
The electronic movement of health-related information among organizations, enabling care coordination and population health.
- Read more →
HIPAA Breach Notification Rule
The federal rule at 45 CFR Part 164 Subpart D requiring covered entities and business associates to notify affected individuals, HHS, and sometimes the media after a breach of unsecured PHI.
- Read more →
HIPAA Omnibus Rule
The 2013 final rule that implemented the HITECH Act amendments to HIPAA, making business associates directly liable and tightening the breach notification standard.
- Read more →
HIPAA Privacy Officer
The workforce member designated under 45 CFR 164.530(a)(1)(i) to be responsible for the development and implementation of HIPAA privacy policies.
- Read more →
HIPAA Privacy Rule
The federal regulation at 45 CFR Part 164 Subpart E that governs the use and disclosure of PHI.
- Read more →
HIPAA Security Officer
The workforce member designated under 45 CFR 164.308(a)(2) to be responsible for the development and implementation of HIPAA security policies.
- Read more →
HIPAA Security Rule
The federal regulation at 45 CFR Part 164 Subpart C that requires safeguards for ePHI.
- Read more →
Home Health Face-to-Face
Medicare requirement that a physician or allowed practitioner document a face-to-face encounter related to the primary reason for home health within defined windows.
- Read more →
Home Health PPS
The CMS prospective payment system for home health services, based on 30-day periods of care under PDGM.
- Read more →
Hospice
Medicare-covered comprehensive end-of-life care for beneficiaries with a life expectancy of 6 months or less, paid under the Hospice Payment System.
- Read more →
Hospital Credentialing
The process by which a hospital medical staff verifies and grants privileges to a physician.
- Read more →
Hospital Discharge E/M (99238-99239)
Hospital discharge day management codes used by the attending physician on the day of discharge from inpatient or observation.
I
13 terms- Read more →
ICD-10-CM
The Clinical Modification of the WHO ICD-10 code set used in the United States to report diagnoses.
- Read more →
ICD-10-CM Z Code
ICD-10-CM categories Z00-Z99 used to document encounters for reasons other than disease or injury, including screenings, follow-up, social determinants, and personal/family history.
- Read more →
ICD-10-PCS
The Procedural Coding System used in the United States to report inpatient hospital procedures.
- Read more →
Immunization Codes (CPT 90460-90474)
CPT administration codes for vaccines, paired with HCPCS / CPT vaccine product codes (90471 administration + 90686 flu vaccine, etc.).
- Read more →
In-Office Ancillary Services Exception
Stark Law exception (42 CFR 411.355(b)) permitting referrals for designated health services furnished in the referring physician's office.
- Read more →
Incident Response Plan
The documented plan describing how a covered entity detects, contains, eradicates, and recovers from a security incident.
- Read more →
Independent Dispute Resolution (IDR)
Under the No Surprises Act, the arbitration process for resolving payment disputes between OON providers and payers for protected services.
- Read more →
Information Blocking
Under the 21st Century Cures Act, a practice, action, or interference (other than required by law or covered by an exception) that prevents access, exchange, or use of electronic health information.
- Read more →
Initial Preventive Physical (IPPE / Welcome to Medicare)
One-time Medicare preventive visit (G0402) furnished within 12 months of Part B enrollment.
- Read more →
Inpatient Hospital Billing
Facility billing for hospitalized patients, classified using the MS-DRG system under the Acute Inpatient Prospective Payment System.
- Read more →
Internal Audit (Compliance)
Periodic internal reviews of billing, coding, documentation, and operations to identify and correct compliance issues.
- Read more →
Interstate Medical Licensure Compact (IMLC)
A compact allowing physicians licensed in one member state to obtain expedited licensure in other member states.
- Read more →
IRS 501(r)
Internal Revenue Code section establishing additional requirements for 501(c)(3) nonprofit hospital tax exemption.
J
2 termsL
4 terms- Read more →
Late Entry
A documented entry made into the medical record after the time of service when documentation at the time of service was not possible.
- Read more →
LCD (Local Coverage Determination)
A MAC-published decision about whether a service is reasonable and necessary in its jurisdiction.
- Read more →
LEIE Exclusion Screening
Monthly screening of staff and vendors against the HHS-OIG List of Excluded Individuals/Entities (LEIE).
- Read more →
Limited Data Set
PHI that excludes direct identifiers but may include city, state, ZIP, dates, and other quasi-identifiers; may be disclosed for research, public health, or healthcare operations under a Data Use Agreement.
M
54 terms- Read more →
MAC LCD Article
A Local Coverage Article published by a MAC to provide billing, coding, or coverage clarification that does not rise to the formal LCD.
- Read more →
Media Sanitization
Process to render ePHI on storage media unreadable, indecipherable, or otherwise inaccessible before disposal or reuse.
- Read more →
Medicaid
Joint federal-state program providing health coverage to certain low-income individuals, families, pregnant women, elderly, and people with disabilities.
- Read more →
Medicaid MCO
A managed care organization contracted by a state to deliver Medicaid benefits.
- Read more →
Medical Decision Making (MDM)
One of two methods (with time) for selecting an E/M level, based on the number and complexity of problems, the amount and complexity of data reviewed, and the risk of complications.
- Read more →
Medical Decision Making Risk Element
The third axis of MDM-based E/M leveling, reflecting the risk of complications, morbidity, or mortality of patient management.
- Read more →
Medical Necessity
The standard requiring that services be reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member.
- Read more →
Medicare Administrative Contractor (MAC)
CMS-contracted regional entity that processes Medicare claims, makes coverage decisions, conducts provider education, and handles first-level appeals.
- Read more →
Medicare Appeals Council
The fourth level of the Medicare claims appeal process, conducted by the Departmental Appeals Board.
- Read more →
Medicare Appeals Levels
The five-level Medicare appeals process: Redetermination, Reconsideration, ALJ Hearing, Medicare Appeals Council, and Federal District Court.
- Read more →
Medicare Part A
The hospital insurance part of Medicare, covering inpatient hospital, skilled nursing facility, hospice, and limited home health.
- Read more →
Medicare Part B
The medical insurance part of Medicare, covering physician services, outpatient care, durable medical equipment, and preventive services.
- Read more →
Medicare Part C (Medicare Advantage)
Medicare benefits delivered through private health plans contracted with CMS, often with additional benefits and a managed-care structure.
- Read more →
Medicare Part D
Medicare prescription drug coverage delivered through stand-alone PDPs or MA-PD plans.
- Read more →
Medicare Secondary Payer (MSP)
Statutory rules at 42 USC 1395y(b) requiring other insurance to pay before Medicare in defined situations.
- Read more →
Medicare Stars Rating
Five-star quality rating system CMS publishes annually for Medicare Advantage and Part D plans.
- Read more →
Medication Reconciliation
The process of creating an accurate list of all medications a patient is taking and comparing it against new orders to identify discrepancies.
- Read more →
Medigap
Standardized Medicare supplemental insurance policies (Plans A through N) that pay some of the costs Original Medicare does not.
- Read more →
Mental Health Parity
Federal and state laws requiring health plans to apply benefits and access requirements to mental health and substance use treatment that are no more restrictive than those for medical/surgical care.
- Read more →
MFA (Multi-Factor Authentication)
Authentication requiring two or more independent factors — something you know, have, or are.
- Read more →
Minimum Necessary Rule
The HIPAA standard requiring covered entities to limit PHI uses, disclosures, and requests to the minimum necessary to accomplish the intended purpose.
- Read more →
Minor Consent
State-law rules on when a minor may consent to their own healthcare (and PHI disclosure) without parental involvement.
- Read more →
MIPS
Merit-based Incentive Payment System — the QPP track combining quality, cost, improvement activities, and promoting interoperability into a single composite score that adjusts Medicare payment.
- Read more →
Mobile Device Management (MDM)
Software that lets administrators centrally enforce security policies on smartphones, tablets, and laptops.
- Read more →
Modifier 22
CPT modifier indicating increased procedural services requiring substantially greater work than usually required.
- Read more →
Modifier 24
CPT modifier indicating an unrelated E/M service performed by the same provider during a postoperative global period.
- Read more →
Modifier 25
CPT modifier indicating that a significant, separately identifiable E/M service was performed by the same provider on the same day as another procedure or service.
- Read more →
Modifier 26
CPT modifier indicating the professional component of a procedure.
- Read more →
Modifier 32 (Mandated Services)
CPT modifier indicating a service performed as required by a third party such as a payer, court, or workers' compensation carrier.
- Read more →
Modifier 50
CPT modifier indicating a bilateral procedure performed at the same operative session.
- Read more →
Modifier 51
CPT modifier indicating multiple procedures performed at the same session by the same provider.
- Read more →
Modifier 52 (Reduced Services)
CPT modifier indicating a service that is partially reduced or eliminated at the physician's discretion.
- Read more →
Modifier 53 (Discontinued Procedure)
CPT modifier indicating a surgical or diagnostic procedure was started but discontinued due to extenuating circumstances or those threatening the wellbeing of the patient.
- Read more →
Modifier 57
CPT modifier indicating an E/M service that resulted in the initial decision to perform major surgery.
- Read more →
Modifier 59
CPT modifier identifying a distinct procedural service that is not normally reported together but is appropriate under the circumstances.
- Read more →
Modifier 73 / 74 (ASC Discontinued Procedure)
HCPCS modifiers indicating an ambulatory surgery center procedure was discontinued before (73) or after (74) anesthesia administration.
- Read more →
Modifier 76
CPT modifier indicating a repeat procedure or service by the same physician or other qualified health care professional.
- Read more →
Modifier 77
CPT modifier indicating a repeat procedure or service by a different physician or other qualified health care professional.
- Read more →
Modifier 78
CPT modifier indicating an unplanned return to the operating room by the same physician for a related procedure during the postoperative period.
- Read more →
Modifier 79
CPT modifier indicating an unrelated procedure or service by the same physician during the postoperative period.
- Read more →
Modifier 80 / 81 / 82 / AS (Assistant at Surgery)
CPT modifiers indicating assistant surgeon services: 80 (physician assistant), 81 (minimum assistant), 82 (when qualified resident unavailable), and HCPCS AS (PA, NP, CNS).
- Read more →
Modifier 91
CPT modifier indicating a repeat clinical diagnostic laboratory test performed on the same day to obtain subsequent reportable test values.
- Read more →
Modifier 93 (Audio-Only Synchronous Telehealth)
CPT modifier indicating a synchronous telemedicine service rendered via audio-only technology.
- Read more →
Modifier 95
CPT modifier indicating a synchronous telemedicine service rendered via real-time interactive audio and video.
- Read more →
Modifier General Reference
Catch-all reference for the wide CPT and HCPCS modifier set used in physician and outpatient billing.
- Read more →
Modifier GQ (Asynchronous Telehealth)
HCPCS modifier indicating asynchronous (store-and-forward) telecommunications technology was used for the telehealth service.
- Read more →
Modifier GT (Telehealth, archived)
HCPCS modifier historically used to indicate interactive audio-and-video telehealth services; largely replaced by POS 02/10 + modifier 95 for many payers.
- Read more →
Modifier JW
HCPCS modifier indicating drug amount discarded from a single-use vial or single-use package.
- Read more →
Modifier PT (Screening Becomes Diagnostic)
HCPCS modifier indicating a colorectal cancer screening test was converted to a diagnostic test or therapeutic procedure.
- Read more →
Modifier RT / LT
HCPCS modifiers identifying procedures performed on the right (RT) or left (LT) side of the body.
- Read more →
Modifier TC
HCPCS modifier indicating the technical component of a procedure.
- Read more →
MOON Notice
Medicare Outpatient Observation Notice — required to be issued to patients receiving observation services for more than 24 hours.
- Read more →
MS-DRG
Medicare Severity Diagnosis Related Groups — the classification system used to pay inpatient hospital admissions under Medicare's prospective payment system.
- Read more →
MUE (Medically Unlikely Edits)
CMS-set maximum units of service that a provider would report under most circumstances for a single beneficiary on a single date of service.
N
6 terms- Read more →
NCCI Edits
The CMS National Correct Coding Initiative edits that prevent improper payment when incorrect code combinations are reported.
- Read more →
NCD (National Coverage Determination)
A CMS-issued nationwide determination of whether Medicare will cover a particular service.
- Read more →
NDC (National Drug Code)
FDA-assigned 10-digit identifier for FDA-approved drugs and biologics.
- Read more →
No Surprises Act
Federal law effective January 1, 2022 that protects patients from surprise medical bills for emergency services, non-emergency services at in-network facilities by out-of-network providers, and air ambulance services.
- Read more →
Notice of Privacy Practices
The written notice covered entities must provide to patients describing how PHI may be used and disclosed and patient rights regarding PHI.
- Read more →
NPI (National Provider Identifier)
The 10-digit HIPAA standard identifier for health care providers.
O
11 terms- Read more →
OA (Other Adjustment)
An X12 adjustment group code used when no other group code applies — frequently for coordination of benefits and other payer adjustments.
- Read more →
OASIS
Outcome and Assessment Information Set — the CMS-required patient assessment for home health beneficiaries.
- Read more →
Observation Care
Hospital outpatient status used when the patient requires monitoring but does not meet inpatient admission criteria.
- Read more →
OCR Civil Monetary Penalties (HIPAA)
HHS Office for Civil Rights' tiered CMP structure for HIPAA violations, with maximums adjusted annually for inflation.
- Read more →
OCR Right of Access Initiative
HHS Office for Civil Rights' enforcement focus on the patient right of access under 45 CFR 164.524.
- Read more →
OIG Compliance Program
Voluntary compliance program structure recommended by HHS-OIG for physician practices.
- Read more →
OIG Self-Disclosure
The HHS-OIG Self-Disclosure Protocol allowing providers to disclose actual or potential violations of federal fraud and abuse laws.
- Read more →
OIG Work Plan
The annual list of new and ongoing HHS-OIG audits, evaluations, and inspections.
- Read more →
Online Digital E/M (CPT 99421-99423)
CPT codes for online digital evaluation and management services provided by a physician for an established patient over the patient portal or other secure platform.
- Read more →
Organized Health Care Arrangement (OHCA)
A clinically or operationally integrated arrangement among legally-separate covered entities that holds out joint services and treats joint operations as a single entity for some HIPAA purposes.
- Read more →
Originating Site
Under traditional Medicare telehealth rules, the location of the patient at the time of the telehealth service.
P
37 terms- Read more →
Patch Management
The process of identifying, acquiring, installing, and verifying patches for software products and systems.
- Read more →
Patient Acknowledgment Form
A signed document by which the patient acknowledges receipt of the Notice of Privacy Practices.
- Read more →
Patient Portal
A secure web-based application that lets patients access portions of their health information and communicate with the practice.
- Read more →
Patient Right of Access
The HIPAA right of an individual to inspect and obtain a copy of their PHI in a designated record set.
- Read more →
Patient-Provider Dispute Resolution
Under the No Surprises Act, the process by which uninsured or self-pay patients may dispute a bill that exceeds the Good Faith Estimate by $400 or more.
- Read more →
PECOS (Provider Enrollment System)
The CMS online Provider Enrollment, Chain, and Ownership System used to submit and manage Medicare enrollment applications.
- Read more →
Penetration Testing
Authorized simulated attacks on systems to identify exploitable vulnerabilities.
- Read more →
Personal Representative
An individual with legal authority to act on behalf of another person regarding healthcare decisions and PHI access.
- Read more →
PHI (Protected Health Information)
Individually identifiable health information held or transmitted by a covered entity or its business associate, in any form.
- Read more →
Phishing
Social-engineering attack that uses deceptive email, text, or voice messages to trick recipients into revealing credentials or installing malware.
- Read more →
PHR (Personal Health Record)
An electronic record of identifiable health information drawn from multiple sources that is managed, shared, and controlled by or primarily for the individual.
- Read more →
Physical Safeguards
Physical measures, policies, and procedures to protect a covered entity's electronic information systems and related buildings and equipment from natural and environmental hazards and unauthorized intrusion.
- Read more →
Physician Fee Schedule (PFS)
The CMS Medicare reimbursement schedule for physician and certain non-physician practitioner services, published annually.
- Read more →
PI (Payer Initiated)
An X12 adjustment group code used when the payer is responsible for the adjustment (e.g., processing error).
- Read more →
Place of Service (POS) Code
Two-digit code on a CMS-1500 claim identifying where a service was provided.
- Read more →
Place of Service 11 (Office)
Place of service code for services furnished in a physician's office or other freestanding outpatient setting.
- Read more →
Place of Service 21 (Inpatient Hospital)
Place of service code for services furnished to a patient who has been admitted as an inpatient at a hospital.
- Read more →
Post-Payment Review
Payer review of paid claims after the fact, often resulting in overpayment determinations and recoupment.
- Read more →
PR (Patient Responsibility)
An X12 adjustment group code indicating the patient owes the amount (deductible, coinsurance, copay, or non-covered service).
- Read more →
PR-1 (Deductible)
Patient Responsibility 1 — the amount applied to the patient's deductible.
- Read more →
PR-2 (Coinsurance)
Patient Responsibility 2 — the patient's coinsurance share of the allowed amount.
- Read more →
PR-204 (Non-Covered Service)
Patient Responsibility 204 — patient is responsible for amounts the plan does not cover, often when an ABN or similar notice is on file.
- Read more →
PR-3 (Copay)
Patient Responsibility 3 — the patient's flat copay amount per service.
- Read more →
Pre-Payment Review
Payer review of selected claims before payment, requiring submission of supporting documentation.
- Read more →
Preclusion List
CMS list of prescribers and providers whose claims and prescriptions are denied payment by Medicare Advantage and Part D.
- Read more →
Prescription Drug Monitoring Program (PDMP)
State-administered electronic database tracking controlled substance prescriptions.
- Read more →
Preventive Services
USPSTF Grade A and B recommendations and ACIP-recommended vaccines that ACA-covered plans must cover without cost-sharing.
- Read more →
Primary Source Verification
Verification of a provider's credentials directly from the issuing source (e.g., medical school, residency, state licensing board).
- Read more →
Principal Care Management (PCM)
Care management for Medicare beneficiaries with a single high-risk chronic condition; billed under CPT 99424-99427.
- Read more →
Prior Authorization
Payer requirement that the practice obtain approval before delivering certain services, procedures, or drugs.
- Read more →
Problem List
The structured list of active and resolved diagnoses maintained in the electronic health record.
- Read more →
Professional Component
The portion of a procedure code (designated by modifier 26) representing the physician's interpretation or supervision, separate from the technical component.
- Read more →
Prolonged Services
Add-on codes used when a visit exceeds the time thresholds of the highest base E/M code.
- Read more →
Promoting Interoperability
The CMS program (formerly Meaningful Use) that rewards demonstrated use of CEHRT to improve patient care.
- Read more →
Provider Enrollment Revalidation
CMS requirement to periodically re-submit and validate enrollment information to remain Medicare-enrolled.
- Read more →
Psychotherapy Notes
Notes recorded by a mental health professional documenting or analyzing a counseling session, separated from the rest of the individual's medical record.
- Read more →
Pulmonary Function Testing (94010-94799)
CPT codes for spirometry, lung volumes, diffusion capacity, and other pulmonary function tests.
Q
2 terms- Read more →
QMB (Qualified Medicare Beneficiary)
A category of dual-eligible whose Medicare cost-sharing (deductibles, coinsurance, premiums) is paid by Medicaid.
- Read more →
Quality Payment Program (QPP)
CMS framework that combines MIPS and Advanced APMs to tie physician Medicare payments to quality and value.
R
24 terms- Read more →
RAC Audit Trigger
Documentation or coding pattern that increases the likelihood of a Recovery Audit Contractor review.
- Read more →
Radiology Modifier Pairs (TC and 26)
The professional (26) and technical (TC) component modifiers commonly applied to radiology procedure codes.
- Read more →
Ransomware
Malicious software that encrypts data or systems and demands payment for decryption; HHS guidance generally presumes a ransomware event on ePHI is a HIPAA breach.
- Read more →
RARC (Remittance Advice Remark Code)
X12-maintained codes that supplement the CARC with additional information about a claim adjustment.
- Read more →
Readmission Reduction Program (HRRP)
CMS program that reduces payments to hospitals with excess 30-day readmissions for certain conditions.
- Read more →
Reconsideration
The second level of the Medicare claims appeal process, conducted by a Qualified Independent Contractor (QIC).
- Read more →
Recoupment
A payer's withholding of current claim payments to offset prior overpayments.
- Read more →
Recovery Audit Contractor (RAC)
CMS contractors who identify and recover improper Medicare payments through review of paid claims.
- Read more →
Recredentialing
The periodic re-verification of provider credentials, typically every three years for most commercial payers.
- Read more →
Red Flags Rule
FTC rule (16 CFR Part 681) requiring creditors and certain financial institutions to develop and implement an Identity Theft Prevention Program.
- Read more →
Redetermination
The first level of the Medicare claims appeal process, conducted by the MAC.
- Read more →
Release of Information (ROI)
The process of disclosing patient records to authorized parties pursuant to a valid authorization or other permitted purpose.
- Read more →
Remote Access
Workforce member access to an organization's information systems from outside the organization's networks.
- Read more →
Remote Physiologic Monitoring (RPM)
Codes (CPT 99453-99458) covering the monitoring and treatment management of physiologic data transmitted from a patient's device.
- Read more →
Remote Therapeutic Monitoring (RTM)
Codes (CPT 98975-98981) covering monitoring of non-physiologic therapeutic data such as musculoskeletal and respiratory therapy adherence.
- Read more →
Research and HIPAA
HIPAA-authorized pathways for using or disclosing PHI for research, including authorization, IRB waiver, limited data sets with data use agreement, and decedent research.
- Read more →
Revenue Cycle Management (RCM)
The end-to-end administrative function tracking patient care episodes from registration through final payment.
- Read more →
Revocation
Termination of a provider's Medicare enrollment for grounds enumerated at 42 CFR 424.535, including non-compliance, felony convictions, false information, abuse of billing privileges.
- Read more →
Risk Adjustment
Adjustment of payment to plans or providers based on the health status and demographic characteristics of the enrollee population.
- Read more →
Risk Management Plan
The documented plan that implements security measures sufficient to reduce risks identified in the Security Risk Analysis to a reasonable and appropriate level.
- Read more →
Risk Register
A living document that records identified risks, their likelihood and impact ratings, owners, and remediation status.
- Read more →
Role-Based Access Control (RBAC)
An access control model that grants permissions based on the workforce member's role rather than to each individual.
- Read more →
Rural Health Clinic
A federally certified clinic in an underserved rural area that bills Medicare under a special all-inclusive rate methodology.
- Read more →
RVU (Relative Value Unit)
The basic unit of measure used in the Medicare Physician Fee Schedule, composed of work, practice expense, and malpractice components.
S
18 terms- Read more →
SAM.gov Screening
Screening of staff and vendors against the federal System for Award Management exclusion list.
- Read more →
Sanctions Policy
The HIPAA-required policy that imposes appropriate consequences on workforce members who violate the covered entity's privacy and security policies.
- Read more →
Secure Patient Messaging
Communication channels that allow patients to exchange PHI with the practice through encrypted, authenticated portals.
- Read more →
Security Awareness Training
Periodic training for workforce members on security risks, recognition, and reporting.
- Read more →
Security Risk Analysis
The accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI required by the HIPAA Security Rule.
- Read more →
Self-Pay Patient
A patient who pays for healthcare services directly, either because they are uninsured or because they elect to pay without using insurance.
- Read more →
Signature Requirements
Medicare's requirements that medical records be authenticated by the author with a handwritten or electronic signature.
- Read more →
Sliding Fee Discount Scale
A discount schedule based on family income and size, required of HRSA-funded health centers for patients at or below 200% of FPL.
- Read more →
SNF (Skilled Nursing Facility)
Medicare-covered short-term skilled nursing care following a qualifying hospital stay, paid under the SNF PPS using PDPM.
- Read more →
Snooping Investigation
A documented investigation when audit logs show a workforce member accessed a patient record without a legitimate treatment, payment, or operations purpose.
- Read more →
SOAP Note
Subjective, Objective, Assessment, and Plan — the four-part structured clinical note format used in most ambulatory encounters.
- Read more →
Social Determinants of Health (SDOH)
Non-medical factors influencing health outcomes — housing, food security, transportation, employment, education, and social support.
- Read more →
Stark Law
Federal statute (42 USC 1395nn) prohibiting physicians from referring Medicare/Medicaid patients for designated health services to entities with which the physician has a financial relationship, unless an exception applies.
- Read more →
State Medicaid Plan
Each state's CMS-approved plan describing eligibility, benefits, provider participation, and payment for Medicaid.
- Read more →
State Privacy Laws (vs. HIPAA)
State health-information privacy laws that may impose stricter requirements than HIPAA.
- Read more →
Step Therapy
A payer requirement that less expensive drug or service options be tried before more expensive alternatives are covered.
- Read more →
Subcontractor Business Associate
A business associate that creates, receives, maintains, or transmits PHI on behalf of another business associate.
- Read more →
Surgical Pathology Codes (88300-88309)
CPT codes for surgical pathology specimen examination, stratified by specimen complexity.
T
17 terms- Read more →
Taxonomy Code
A 10-character code that classifies provider specialties for HIPAA transactions.
- Read more →
Technical Component
The portion of a procedure code (designated by modifier TC) representing equipment, supplies, and technical staff used to perform a service.
- Read more →
Technical Safeguards
Technology and the policy and procedures for its use that protect ePHI and control access to it.
- Read more →
Telehealth
Delivery of health care services through audio-video or audio-only technology when the patient is not at the same location as the practitioner.
- Read more →
Telehealth HIPAA Considerations
The HIPAA Privacy and Security Rule applies to telehealth services; technology choices must support the safeguards.
- Read more →
Telehealth POS Codes (02 and 10)
Place of Service 02 (telehealth other than home) and POS 10 (telehealth in patient's home) identify telehealth encounters on professional claims.
- Read more →
Telemedicine Parity Law
State laws requiring commercial insurers to cover and/or pay telehealth services at the same rate as in-person services.
- Read more →
Telephone Visit (CPT 99441-99443)
CPT codes for telephone evaluation and management services provided by a physician to an established patient when the call is not related to an E/M service performed within the previous seven days or leading to an E/M within 24 hours.
- Read more →
Third-Party Risk Management (TPRM)
The broader program of identifying, assessing, monitoring, and mitigating risks introduced by third-party relationships.
- Read more →
Threat Source
Any circumstance or event with potential to adversely impact organizational operations, assets, individuals, or the nation through unauthorized access, destruction, disclosure, or modification of information.
- Read more →
Time-Based Billing
Method for selecting an E/M level using the total time spent on the date of the encounter.
- Read more →
Timely Filing
The payer's deadline for receiving an initial claim, after which the claim is denied as untimely.
- Read more →
Total Cost of Care (TCOC)
All medical expense related to a patient population over a defined period, used as a key metric in value-based contracts.
- Read more →
Transitional Care Management (TCM)
Care management following discharge from an inpatient, partial-hospital, or observation stay; CPT 99495 (moderate complexity) and 99496 (high complexity).
- Read more →
Transmission Security
Technical security measures to guard against unauthorized access to ePHI that is being transmitted over an electronic communications network.
- Read more →
Treatment, Payment, and Operations (TPO)
The three categories of permitted PHI use and disclosure that do not require patient authorization.
- Read more →
Two-Midnight Rule
Medicare policy that generally treats a stay spanning two midnights as appropriate for inpatient admission.
U
5 terms- Read more →
UDS Reporting
The Uniform Data System annual report required of HRSA-funded health centers.
- Read more →
Underpayment Recovery
The process of identifying and recovering claims paid at less than the contracted rate.
- Read more →
Unspecified Diagnosis Code
An ICD-10-CM code ending in characters that signal the documentation lacked the specificity for a more precise code.
- Read more →
UPIC (Unified Program Integrity Contractor)
CMS contractors that investigate and address fraud, waste, and abuse in Medicare and Medicaid.
- Read more →
USCDI
United States Core Data for Interoperability — the ONC-defined data set required to be exchangeable by certified EHRs.
V
3 terms- Read more →
Value-Based Care
Reimbursement models that pay providers based on quality and outcomes rather than fee-for-service volume.
- Read more →
Vendor Risk Assessment
The process of evaluating a vendor's security and privacy posture before sharing PHI or granting system access.
- Read more →
Vulnerability Assessment
The systematic examination of an information system to determine the adequacy of security measures, identify deficiencies, and provide data from which to predict the effectiveness of proposed security measures.
W
5 terms- Read more →
Whistleblower (Qui Tam)
Under the False Claims Act, a private person who files suit on behalf of the United States alleging fraud and shares in the recovery.
- Read more →
Workforce Termination Procedures
Procedures that promptly remove workforce member access to ePHI upon termination of employment or change of role.
- Read more →
Workforce Training
HIPAA-required training of workforce members on the covered entity's privacy and security policies.
- Read more →
Workstation Use Policy
HIPAA-required policy specifying the proper functions, manner, and physical attributes of workstations that access ePHI.
- Read more →
wRVUs (Work RVUs)
The work component of the Relative Value Unit, reflecting the time, technical skill, mental effort, and stress required to perform a service.
X
1 termThe terms are free. The workflow is the product.
Every entry hands you into the workspace where that term actually shows up: Ask D3 for billing research, the Denial Workbench for CARC/RARC codes, the Compliance Binder for HIPAA documentation, SRA Studio for risk analysis.