Terms & Terminology
Disclaimer: For informational purposes only. This content is designed for data professionals learning healthcare domain knowledge, not for medical or insurance advice.
TL;DR
Master 60+ essential healthcare terms: coding systems (CPT, ICD-10, DRG), insurance types (HMO, PPO), cost-sharing (deductible, copay, coinsurance), regulations (HIPAA, ACA), and data standards (EDI 837/835, HL7, FHIR). This is the vocabulary you need to speak healthcare fluently.
Explain Like I'm 12
Healthcare has its own language — kind of like how every video game has abbreviations and terms you need to learn before you can play well. "CPT" is a code for what the doctor did. "ICD-10" is a code for what's wrong with you. "HIPAA" is the rule that says your medical info is private. "EDI" is how computers talk to each other to send bills and payments.
Once you learn these terms, everything else in healthcare data starts making sense. It's like learning the controls before you play the game.
Healthcare Terminology Map
Coding Systems
Healthcare runs on codes. Every diagnosis, procedure, drug, and supply has a standardized code. If you're doing any healthcare data work, you'll encounter these daily.
| Code System | What It Codes | Format | Example | Maintained By |
|---|---|---|---|---|
| CPT | Procedures & services (what was done) | 5-digit numeric | 99213 = office visit, established patient, moderate complexity | AMA |
| ICD-10-CM | Diagnoses (what's wrong) | 3-7 alphanumeric | E11.9 = Type 2 diabetes without complications | WHO / CMS |
| ICD-10-PCS | Inpatient procedures | 7 alphanumeric | 0SR9019 = hip replacement, cemented | CMS |
| DRG | Hospital stay groupings (for payment) | 3-digit numeric | DRG 470 = major hip/knee replacement | CMS |
| HCPCS Level II | Supplies, equipment, non-physician services | Letter + 4 digits | E0601 = CPAP machine | CMS |
| NDC | Drugs (specific manufacturer + package) | 10-11 digit (5-4-2 or 5-4-1) | 0002-4462-01 = specific insulin product | FDA |
| Revenue Codes | Department/service area on facility claims | 4-digit numeric | 0120 = Room & board, semi-private | NUBC |
The CPT + ICD-10 relationship: Every claim has both. CPT tells the payer what was done (procedure). ICD-10 tells the payer why it was done (diagnosis). The payer checks if the diagnosis justifies the procedure — this is called "medical necessity." If the ICD-10 code doesn't support the CPT code, the claim gets denied.
Insurance & Plan Terms
Plan Types
| Plan Type | Full Name | Network Rules | Referral Needed? | Cost Level |
|---|---|---|---|---|
| HMO | Health Maintenance Organization | In-network only (except emergencies) | Yes, need PCP referral | Lowest premiums |
| PPO | Preferred Provider Organization | In-network preferred, out-of-network covered at higher cost | No | Higher premiums, most flexible |
| EPO | Exclusive Provider Organization | In-network only (except emergencies) | No | Moderate premiums |
| POS | Point of Service | In-network preferred, out-of-network covered at higher cost | Yes, need PCP referral | Moderate premiums |
| HDHP | High Deductible Health Plan | Varies (often PPO network) | No | Lowest premiums, highest deductible, paired with HSA |
Cost-Sharing Terms
- Premium: Monthly amount paid to maintain coverage (often split between employee and employer)
- Deductible: Amount you pay out-of-pocket before insurance starts paying (e.g., $2,000/year)
- Copay: Fixed dollar amount per service (e.g., $30 for a PCP visit, $50 for a specialist)
- Coinsurance: Percentage you pay after meeting the deductible (e.g., you pay 20%, plan pays 80%)
- Out-of-pocket maximum: The annual cap on your total costs. Once reached, the plan pays 100%
- In-network: Providers who have contracted rates with your insurance — always cheaper
- Out-of-network: Providers without a contract — higher costs, sometimes not covered at all
- Prior authorization: Payer must approve a service before the provider delivers it
- Formulary: The payer's list of covered drugs, organized in tiers (Tier 1 = cheapest, Tier 4 = most expensive)
- Step therapy: Requirement to try cheaper drugs first before the plan covers expensive ones
Government Programs
| Program | Who's Eligible | What It Covers | Key Detail |
|---|---|---|---|
| Medicare Part A | Age 65+, disabled, ESRD | Hospital (inpatient), skilled nursing, hospice | Most people don't pay a Part A premium (earned through payroll taxes) |
| Medicare Part B | Same as Part A | Outpatient, doctor visits, preventive, durable medical equipment | Monthly premium (~$185/month in 2026), 80/20 coinsurance |
| Medicare Part C | Anyone with Parts A & B | All of A + B (often includes drugs, vision, dental) | Medicare Advantage — run by private insurers, where STAR ratings apply |
| Medicare Part D | Anyone with Medicare | Prescription drugs | Separate premium, formulary-based, "donut hole" coverage gap |
| Medicaid | Low-income individuals and families | Comprehensive — varies by state | Jointly funded by federal and state governments, run by states |
| CHIP | Children in families above Medicaid but below commercial affordability | Pediatric care | State-administered, federal matching funds |
| ACA Marketplace | Individuals without employer/government coverage | Essential health benefits (10 categories) | Subsidies based on income, open enrollment period |
| VA / TRICARE | Veterans / active military and families | Comprehensive | VA runs its own hospitals; TRICARE uses civilian network |
Regulations & Compliance
Healthcare is one of the most heavily regulated industries in the US. As a data professional, compliance isn't optional — it's part of your job.
HIPAA (Health Insurance Portability and Accountability Act)
HIPAA has three rules that matter for data professionals:
- Privacy Rule: Defines what constitutes PHI (Protected Health Information) and who can access it
- Security Rule: Technical safeguards for electronic PHI (ePHI) — encryption, access controls, audit logs
- Transaction Rule: Mandates standard EDI formats (837, 835, 270/271, etc.) for electronic healthcare transactions
PHI (Protected Health Information) includes any individually identifiable health information: name, DOB, SSN, medical record number, diagnoses, treatment records. Combining even seemingly innocuous data points (zip code + DOB + gender) can constitute PHI.
BAA (Business Associate Agreement): Any vendor that touches PHI must sign a BAA with the covered entity. This includes cloud providers, analytics vendors, and data warehouse companies.
Data professional insight: HIPAA is about both data privacy AND transaction standards. The EDI formats (837, 835) are HIPAA-mandated — they're not just an industry convention, they're federal law. When someone says "HIPAA transaction," they mean the standard electronic formats.
Other Key Regulations
| Regulation | What It Does | Data Impact |
|---|---|---|
| ACA (Affordable Care Act) | Created marketplaces, essential health benefits, individual mandate (now $0 penalty) | Expanded enrollment data, new reporting requirements (1094/1095 forms) |
| ERISA | Governs employer-sponsored health plans (self-insured) | Self-insured plans exempt from state regulation — affects data governance |
| Stark Law | Prohibits physician self-referral for designated services | Claims analysis for referral patterns, compliance monitoring |
| Anti-Kickback Statute | Prohibits paying for patient referrals | Fraud analytics, relationship mapping between providers |
| No Surprises Act | Protects patients from surprise out-of-network bills | Claims repricing logic, network status validation |
Data Standards & EDI
Healthcare data exchange uses a set of standard formats. If you're a data engineer or analyst in healthcare, these are the files you'll be parsing, building, and troubleshooting.
EDI Transactions (X12)
| Transaction | Name | What It Does | Direction |
|---|---|---|---|
| 837P | Professional Claim | Doctor/outpatient billing | Provider → Payer |
| 837I | Institutional Claim | Hospital/facility billing | Provider → Payer |
| 837D | Dental Claim | Dental billing | Provider → Payer |
| 835 | Remittance Advice | Payment explanation (EOB equivalent) | Payer → Provider |
| 270 | Eligibility Inquiry | "Is this patient covered?" | Provider → Payer |
| 271 | Eligibility Response | "Yes/no, here are the benefits" | Payer → Provider |
| 276 | Claim Status Inquiry | "What happened to my claim?" | Provider → Payer |
| 277 | Claim Status Response | "Here's where your claim stands" | Payer → Provider |
| 278 | Prior Authorization | Request and response for service approval | Both directions |
| 834 | Enrollment | Member enrollment/disenrollment | Plan sponsor → Payer |
| 820 | Payment/Remittance | Premium payment | Plan sponsor → Payer |
Anatomy of an 837 Claim
Here's a simplified view of what an 837P (professional claim) looks like. In reality, these files can be thousands of lines long, but the structure follows a predictable segment pattern:
ISA*00* *00* *ZZ*SENDER *ZZ*RECEIVER *260329*1200*^*00501*000000001*0*P*:~ -- Interchange header
GS*HC*SENDER*RECEIVER*20260329*1200*1*X*005010X222A1~ -- Functional group
ST*837*0001*005010X222A1~ -- Transaction set (837 = claim)
BHT*0019*00*12345*20260329*1200*CH~ -- Beginning of transaction
NM1*85*1*SMITH*JOHN****XX*1234567890~ -- Billing provider (NPI: 1234567890)
NM1*IL*1*DOE*JANE****MI*ABC123456~ -- Patient (member ID: ABC123456)
CLM*CLAIM001*150***11:B:1*Y*A*Y*Y~ -- Claim: $150, office visit
DTP*472*D8*20260315~ -- Service date: March 15, 2026
HI*ABK:E119~ -- Diagnosis: E11.9 (Type 2 diabetes)
SV1*HC:99213*150*UN*1***1~ -- Service: CPT 99213 (office visit), $150
SE*10*0001~ -- End of transaction
GE*1*1~ -- End of group
IEA*1*000000001~ -- End of interchange
Data engineer reality: If you're a data engineer in healthcare, you will parse 837s and 835s. Learn the segment structure — ISA/GS/ST are envelope headers, CLM is the claim, SV1 is the service line, HI is the diagnosis. Most healthcare ETL pipelines start by splitting these files into relational tables.
HL7 v2
HL7 v2 is the legacy standard for clinical data exchange. It uses pipe-delimited messages and is still the dominant format in hospital systems despite being decades old. You'll see it in ADT (admission/discharge/transfer) messages, lab results, and orders.
FHIR (Fast Healthcare Interoperability Resources)
FHIR is the modern standard — a REST API-based, JSON-native approach to healthcare data exchange. CMS now mandates FHIR APIs for certain use cases. If HL7 v2 is the fax machine of healthcare data, FHIR is the modern API. It's gaining adoption rapidly, but HL7 v2 is still everywhere.
X12
X12 is the standard behind all EDI transactions in healthcare (837, 835, 270/271, etc.). It's maintained by the Accredited Standards Committee (ASC) X12. When people say "EDI," they usually mean X12-formatted transactions.
Acronym Quick Reference
Healthcare loves acronyms. Here are the 40+ you'll encounter most often, organized alphabetically:
| Acronym | Full Name | One-Line Definition |
|---|---|---|
| ACA | Affordable Care Act | 2010 law that created marketplaces, expanded Medicaid, mandated essential health benefits |
| ACO | Accountable Care Organization | Provider group sharing financial responsibility for a patient population |
| ADT | Admission, Discharge, Transfer | HL7 message type tracking patient movements in a hospital |
| BAA | Business Associate Agreement | Contract required for any vendor handling PHI |
| CAHPS | Consumer Assessment of Healthcare Providers and Systems | Patient satisfaction survey used in STAR ratings |
| CHIP | Children's Health Insurance Program | State-run coverage for children in families above Medicaid threshold |
| CMS | Centers for Medicare & Medicaid Services | Federal agency running Medicare/Medicaid and setting industry standards |
| CPT | Current Procedural Terminology | 5-digit codes for medical procedures (maintained by AMA) |
| DRG | Diagnosis-Related Group | Groups hospital stays for inpatient payment purposes |
| EDI | Electronic Data Interchange | Standard electronic format for healthcare transactions (claims, eligibility, etc.) |
| EHR | Electronic Health Record | Digital version of a patient's medical chart (Epic, Cerner) |
| EOB | Explanation of Benefits | Document from payer explaining what was paid on a claim |
| EPO | Exclusive Provider Organization | In-network-only plan without referral requirements |
| ERISA | Employee Retirement Income Security Act | Federal law governing self-insured employer health plans |
| FDA | Food & Drug Administration | Approves drugs, biologics, and medical devices |
| FHIR | Fast Healthcare Interoperability Resources | Modern REST API standard for healthcare data exchange (JSON-based) |
| HCC | Hierarchical Condition Category | Diagnosis groupings used for Medicare risk adjustment |
| HCPCS | Healthcare Common Procedure Coding System | Level I = CPT; Level II = supplies, equipment, non-physician services |
| HDHP | High Deductible Health Plan | Low-premium plan with high deductible, paired with HSA |
| HEDIS | Healthcare Effectiveness Data & Information Set | Quality measures used by 90% of US health plans (maintained by NCQA) |
| HHS | Dept. of Health & Human Services | Parent federal agency for CMS, FDA, CDC, NIH, OIG |
| HIE | Health Information Exchange | Organization/network that shares patient data between providers |
| HIPAA | Health Insurance Portability and Accountability Act | Federal law governing health data privacy, security, and transaction standards |
| HL7 | Health Level 7 | Standard for clinical data exchange (v2 = pipe-delimited, legacy but dominant) |
| HMO | Health Maintenance Organization | In-network-only plan requiring PCP referrals |
| HSA | Health Savings Account | Tax-advantaged account paired with HDHP for medical expenses |
| ICD-10 | International Classification of Diseases, 10th Revision | Diagnosis codes (70,000+ codes) used worldwide |
| MCO | Managed Care Organization | Entity managing Medicaid benefits under state contract |
| NCQA | National Committee for Quality Assurance | Maintains HEDIS measures, accredits health plans |
| NDC | National Drug Code | 10-11 digit code identifying specific drug products |
| NPI | National Provider Identifier | Unique 10-digit number for every healthcare provider |
| OIG | Office of Inspector General | Investigates healthcare fraud, maintains exclusion list |
| PBM | Pharmacy Benefit Manager | Manages drug benefits, negotiates prices (CVS Caremark, Express Scripts, OptumRx) |
| PCP | Primary Care Physician | Patient's main doctor, often a gatekeeper in HMO plans |
| PHI | Protected Health Information | Any individually identifiable health data protected by HIPAA |
| PMPM | Per Member Per Month | Standard unit for measuring healthcare costs and payments |
| POS | Point of Service | Plan type allowing out-of-network use with PCP referral |
| PPO | Preferred Provider Organization | Flexible plan allowing out-of-network use at higher cost |
| RAF | Risk Adjustment Factor | Multiplier for per-member payments based on patient health status |
| SDOH | Social Determinants of Health | Non-clinical factors (income, housing, education) affecting health outcomes |
| TPA | Third Party Administrator | Processes claims for self-insured employers (without bearing risk) |
| UM | Utilization Management | Process of reviewing and authorizing healthcare services for necessity |
Test Yourself
Q: What's the difference between CPT and ICD-10 codes?
CPT codes describe what was done (procedures/services) — e.g., 99213 = office visit. ICD-10 codes describe what's wrong (diagnoses) — e.g., E11.9 = Type 2 diabetes. Every claim needs both: the CPT tells the payer what service was provided, and the ICD-10 justifies why it was medically necessary.
Q: What are the three rules of HIPAA that matter for data professionals?
The Privacy Rule (defines PHI and who can access it), the Security Rule (technical safeguards for electronic PHI — encryption, access controls, audit logs), and the Transaction Rule (mandates standard EDI formats like 837 and 835 for electronic healthcare transactions).
Q: What's the difference between an HMO and a PPO?
An HMO restricts you to in-network providers and requires a PCP referral to see specialists (lower cost, less flexibility). A PPO allows both in-network and out-of-network providers without referrals (higher cost, more flexibility). Most employer plans are PPOs because employees value the flexibility.
Q: What is an 837 transaction, and what is an 835?
An 837 is a claim submitted from a provider to a payer (837P for professional, 837I for institutional, 837D for dental). An 835 is the remittance advice — the payer's response explaining what was paid, denied, or adjusted. Think of 837 as the bill and 835 as the payment explanation.
Q: What does DRG stand for, and how is it used?
DRG (Diagnosis-Related Group) groups hospital inpatient stays into categories for payment purposes. Instead of paying per service, Medicare pays a fixed amount per DRG. For example, DRG 470 = hip/knee replacement. The hospital gets the same DRG payment whether the patient stays 3 days or 7 days, incentivizing efficiency.
Interview Questions
Q: Explain the key EDI transactions in healthcare and their purpose.
The core EDI transactions are: 837 (claim submission — P for professional, I for institutional, D for dental), 835 (remittance advice — payment explanation from payer), 270/271 (eligibility inquiry and response), 276/277 (claim status inquiry and response), 278 (prior authorization), 834 (enrollment/disenrollment), and 820 (premium payment). These are all X12-formatted, HIPAA-mandated standards. In a typical claims workflow: a provider sends a 270 to check eligibility, submits an 837 to bill, receives an 835 for payment, and uses 276/277 to check on pending claims.
Q: What is HIPAA, and how does it affect data professionals?
HIPAA (Health Insurance Portability and Accountability Act) has three rules relevant to data professionals. The Privacy Rule defines PHI (Protected Health Information) and restricts how it can be used and disclosed. The Security Rule mandates technical safeguards for ePHI: encryption at rest and in transit, role-based access controls, and audit logging. The Transaction Rule standardizes electronic healthcare exchanges (EDI 837, 835, etc.). For data professionals, this means: all data pipelines handling PHI must be encrypted, access must be logged and role-based, de-identification protocols must be followed for analytics, and any vendor touching PHI needs a BAA (Business Associate Agreement).
Q: What is the difference between ICD-10 and CPT coding systems?
ICD-10 (International Classification of Diseases) codes diagnoses — what's wrong with the patient (e.g., E11.9 = Type 2 diabetes). There are 70,000+ codes, maintained by WHO/CMS. CPT (Current Procedural Terminology) codes procedures — what was done (e.g., 99213 = office visit). There are ~10,000 codes, maintained by the AMA. Both appear on every claim. The payer verifies "medical necessity" by checking if the ICD-10 diagnosis justifies the CPT procedure. Mismatches cause claim denials. For data professionals, understanding the CPT-ICD relationship is essential for claims analytics, coding accuracy, and denial management reporting.
Q: Compare HMO, PPO, and HDHP plan types.
HMO (Health Maintenance Organization): in-network only, requires PCP referrals, lowest premiums but least flexibility. PPO (Preferred Provider Organization): in- and out-of-network, no referrals needed, higher premiums but most flexibility. HDHP (High Deductible Health Plan): high deductible (minimum $1,600 individual / $3,200 family in 2026), lowest premiums, paired with an HSA (Health Savings Account) for tax-advantaged medical spending. From a data perspective, plan type affects claims patterns: HMO members have concentrated in-network claims; PPO members have broader network utilization; HDHP members tend to defer care early in the year (pre-deductible) and increase utilization later.