If you’ve been reading the latest in healthcare regulations, rulings, and requirements, you’ve probably done a good deal of head-scratching. Not only is the writing clear as mud (I’d be remiss not to plug the benefits of good copywriters here), but the US government has also created its own language of initialisms—not all that surprising if you consider the government’s track record (think CIA, FBI, NSA, etc.).

But before you get bogged down with these new two-, three-, and five-letter words—and start shouting out a few choice four-letter ones—we thought we’d give you a helping hand. Here’s how you can decipher this acronym alphabet soup—sans Cracker Jack decoder ring.

HIT: Health information technology (or health IT) is the electronic exchange of health information.

EMR: Electronic medical records are digital versions of a clinicians’ paper charts. Together, they make up an electronic medical record system, which contains the treatment history of patients within one clinic or group.

EHR: Electronic health records are also digital versions of clinicians’ paper charts. However, electronic health record systems are designed to share information among providers across healthcare organizations (e.g., hospitals and physician’s offices).

PHR: Personal health records are patient-managed, online health records that can come from a variety of sources. For perspective, EMRs and EHRs are provider-managed health records.

HIPAA: The Health Insurance Portability and Accountability Act of 1996 contains the Privacy Rule, which establishes how certain groups, clearinghouses, organizations, and businesses must handle protected health information (see PHI below).

PHI: Protected health information is individually identifiable health information relating to the past, present, or future of any of the following:

  • Physical or mental health or condition
  • Provision of health care
  • Payment for the provision of health care

BA: A business associate is a person who, or an organization that, performs a HIPAA-regulated function or activity on behalf of a covered entity (e.g., an EMR).

CE: A covered entity is a healthcare provider, a health plan, or a healthcare clearinghouse that transmits HIPAA-covered health information.

BAA: A business associate agreement is a contract between a covered entity and a business associate that outlines how each party will address PHI in accordance with HIPAA guidelines.

There you have it—we’ve deciphered some of the most common two-, three-, and five-letter initialisms courtesy of Uncle Sam. Did we miss a piece of healthcare jargon that has you in a huff? Leave us a note in the comments section, and we’ll help you crack its code, too.