AoR+L1+Use+Case+-+Glossary+of+Terms

include component="page" wikiName="siframework" page="esMD Header"

Note: These are draft definitions and will be discussed and revised by the esMD community as needed.


 * **Authentication (NIST) -** Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information. [NS4009]
 * **Author (of Record) -** The signature of an individual that pertains to a patient’s document entry made at the time of service.
 * **Certificate Authority (NIST)-** An authority trusted by one or more users to issue and manage X.509 Public Key Certificates and CARLs or CRLs.
 * **Data Integrity (NIST) -** Data integrity is a property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored. Alteration includes the insertion, deletion and substitution of data.
 * **Decryption** - The reverse process of encryption, i.e., to make the encrypted information readable again, is referred to as decryption (i.e., to make it unencrypted).
 * **Delegation of Rights** - The ability to delegate rights or authority to another to act in a specific capacity on behalf of the grantor of the right. (Note - We need to properly define and agree on terminology during the Use Case development for AoR L1 so as to differentiate between A) Delegation of Rights that support esMD UC 1 and UC 2 and B) Delegation of Rights at the patient documentation level)
 * **Digital Certificate (NIST) -** A digital representation of information which at least (1) identifies the certification authority issuing it, (2) names or identifies its subscriber, (3) contains the subscriber's public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it. [ABADSG].
 * **Digital Identity Management -** A trusted authority is responsible for creating the key pair, distributing the private key, publishing the public key and revoking the keys as necessary. The “Passport Office” of the Digital World. Example – Digital Certificate. Certificate Contents typically include Owner's public key, Owner's unique name, Expiration date of the public key, Name of the issuer (the CA that issued the Digital Certificate, Serial number of the Digital Certificate, and Digital signature of the issuer. They are typically stored as software tokens, browser certificate stores, and hardware tokens (Smart Cards, USB Tokens).
 * **Digital Signatures-** An individual digitally signs a document using the private key component of his certificate. (From NIST - The result of a transformation of a message by means of a cryptographic system using keys such that a Relying Party can determine: (1) whether the transformation was created using the private key that corresponds to the public key in the signer’s digital certificate; and (2) whether the message has been altered since the transformation was made.)
 * **Document** - Will be defined during Use Case development
 * **"Document Bundle" -** To be defined during Use Case development
 * **Documentation** - To be defined
 * **Encryption** - In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
 * **Identity** - A unique name of an individual person or legal entity. Since the legal names of persons and entities are not necessarily unique, the identity of a person or entity must include sufficient additional information (for example an address and NPI number) to make the complete name unique.
 * **Identity Proofing** - The process by which the credential issuer validates sufficient information to uniquely identify a person or entity applying for the credential. It proves that the identity exists, proves the applicant is entitled to that identity, and address the potential for fraudulent issuance of credentials based on collusion.
 * **Non-repudiation (NIST) -** Non-repudiation is a service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified by a third party. This service prevents an entity from successfully denying involvement in a previous action.
 * **Proof of Authorship -** To be defined
 * **Public Key Infrastructure -** A set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates.
 * **Registration Authority (NIST) -**An entity that is responsible for identification and authentication of certificate subjects, but that does not sign or issue certificates (i.e., a Registration Authority is delegated certain tasks on behalf of an authorized CA).
 * **Signature** - To be defined if separate from Digital Signature

include component="page" wikiName="siframework" page="space.template.inc_contentleft_end"