Glossary

Activity based funding refers to a systematic method of remuneration to healthcare providers based upon a predetermined episode of care payable to the provider upon the separation of the patient from the providers of the healthcare (i.e., conclusion of the healthcare service).   ABF differs from fee-for-service in that all the constituent services associated with the continuum of care are bundled into the one fee payable upon completion of the care. 

A leadership approach that involves being flexible and responsive to complex challenges and changing conditions, encouraging continuous learning and experimentation to navigate ambiguity in environments like healthcare.

The protection of personal and sensitive patient information to prevent unauthorized access and ensure confidentiality, particularly when using AI tools in healthcare (Reddy & Shaikh, 2025). 

The use of machine learning models, particularly CNNs, to analyze medical images and detect conditions such as tumors, fractures, or other abnormalities with high accuracy (Rajpurkar et al., 2017). 

The potential for AI algorithms to unintentionally produce biased outcomes, often due to unrepresentative data, leading to inequities in healthcare decision-making (Iqbal, Hsu, Celi, & Li, 2024).

The Australian Refined Diagnosis Related Groups (AR-DRG) classification provides a clinically meaningful way to relate or group the number and type of patients treated in admitted acute episodes of care to the resources required in treatment (Independent Health and Aged Care Pricing Authority, 2023e).

A branch of computer science that involves creating systems capable of performing tasks that typically require human intelligence, such as diagnostic processes, personalised care, and predictive analytics (Reddy et al., 2019). 

Attack Surface is the sum total of all the points in a system or network that are vulnerable to potential cyber attacks.

A leadership style where individuals understand their purpose, practice professional values, build strong relationships, and exhibit self-discipline, which can lead to improved job satisfaction among their teams.

The process of verifying the identity of a user, device, or system to ensure that they are who they claim to be. It typically involves presenting credentials, such as passwords, biometric data, or cryptographic keys, and validating them against a trusted source. 

The process of granting or denying access to resources or systems. It determines what a user or entity is permitted to do, and follows the verification process undertaken by authentication.

A system that ensures correct drug delivery by scanning barcodes on medications and patients, reducing medication administration errors (Poon et al., 2010). 

The security goal that aims to ensure that data, resources, and services are accessible and usable when needed by authorised users. It involves preventing disruptions, downtime, or denial of service attacks that could hinder access to critical systems or information. 

According to IBM [opens in new tab] "Avro is an open source project that provides data serialisation and data exchange services for Apache Hadoop. These services can be used together or independently. Avro facilitates the exchange of big data between programs written in any language."

According to IBM [opens in new tab] "Apache Parquet is an open source [opens in new tab] columnar storage format used to efficiently store, manage and analyse large datasets [opens in new tab]. Unlike row-based storage formats such as CSV or JSON, Parquet organises data in columns to improve query performance and reduce data storage costs".

The process of examining large and varied datasets to uncover hidden patterns, correlations, and other insights that can be used to improve healthcare outcomes (Jiang et al., 2017).

A decentralised technology that enhances data security, transparency, and patient consent management by providing tamper-proof records of health data transactions (Agbo et al., 2019).

The process, tools, and techniques used to manage the "people side" of change to achieve required business outcomes on time and within budget.

The process of translating clinical documentation from a healthcare record into standardized codes from a classification system, which is essential for funding, research, and health system planning.

A technology-driven tool within EMRs that provides clinicians with evidence-based recommendations, alerts or reminders to enhance decision-making in patient care. 

A health information technology system that provides healthcare professionals with knowledge and recommendations to enhance decision-making, often powered by AI (Nardone et al., 2024). 

The set of relationships and responsibilities established by a healthcare organization to ensure good clinical outcomes, patient safety, and continuous improvement in the quality of care.

A model where AI supports human decision-making rather than replacing it, ensuring that qualified healthcare professionals maintain control over clinical decisions (Iqbal, Celi, & Li, 2020). 

A structure that outlines the specific knowledge, skills, and attributes required for professionals, such as Health Information Managers, to perform their roles effectively at various levels of experience.

The security goal refers to the protection of sensitive information from unauthorised access or disclosure. It ensures that only authorised individuals or systems can access certain data or resources, thereby preventing unauthorised parties from obtaining or using confidential information. 

A class of deep learning algorithms particularly well-suited for image recognition, widely used in medical imaging to detect abnormalities in X-rays, MRIs, and other diagnostic images (Esteva et al., 2017). 

Cyber Risk is the potential harm or adverse consequences that can result from the exploitation of vulnerabilities in digital systems, networks, or information assets. 

Cyber Risk Management involves the identification, assessment, and prioritisation of potential cyber risks faced by an organisation. 

A security incident where unauthorised individuals access or disclose sensitive information, such as a hacker stealing the financial details of patients.

The process of gathering health information from various sources, including patients, healthcare providers, and medical devices.

According to the Harvard Medical School, "a data dictionary serves as a centralised repository that provides detailed information about data, including its meaning, relationships to other data, origin, usage, and format. Essentially, it acts as a metadata repository. Regardless of the dataset's size or complexity, it should always include a data dictionary. This dictionary should be accessible to everyone involved in the design, collection, storage, transformation, and interpretation of the data. It is a crucial training tool for those engaged in data collection and transformation".

Source: Harvard Medical School, Data Dictionary Definition [opens in new tab]

The release of health information to authorised individuals or entities, following proper procedures and patient consent, when required or permitted by law.

The issue where disparate healthcare systems use different data formats, hindering data exchange and disrupting the continuity of care (Peiris et al., 2024).

The overall management of the availability, usability, integrity, and security of data used in an organization, ensuring data is handled consistently and properly through its lifecycle.

According to the Project Management Institute, data management describes creating, implementing, and overseeing strategies, policies, programs, and practices that govern, safeguard, deliver, and enhance the value of data and information assets. This means ensuring that the necessary procedures, processes, and infrastructure are in place for the efficient collection, storage, processing, and compilation of data. It encompasses concepts such as data cleansing, data quality, data maintenance, database administration, data warehousing, metadata management, and data security.

Source: Project Management Institute Data Management [opens in new tab]

The principle of collecting and processing only the personal data absolutely necessary for a specific purpose, like only asking for a birthdate when it's required.

Data quality refers to the extent to which data is appropriate for its intended use. From a health perspective, quality health data is error-free, timely, and produces expected outcomes. In other words, it is data that is suitable for its purpose. It includes several characteristics such as accuracy, completeness, consistency, and timeliness, ensuring that the data is reliable, trustworthy, and suitable for decision-making, analysis, and other applications.

Reference: Ehsani-Moghaddam B, Martin K, Queenan JA. Data quality in healthcare: A report of practical experience with the Canadian Primary Care Sentinel Surveillance Network data. Health Inf Manag. 2021 Jan-May;50(1-2):88-92. doi: 10.1177/1833358319887743. Epub 2019 Dec 5. PMID: 31805788. https://pubmed.ncbi.nlm.nih.gov/31805788/

Data sovereignty refers to the concept that digital data is subject to the laws and governance of the country in which it is physically stored or processed. Simply stated, data that is stored and processed in the country where it was generated.

The secure maintenance of health information in electronic or physical formats, ensuring its confidentiality, integrity, and availability. 

The ways in which health information is utilised within a healthcare setting, such as for analysis, treatment and payment.

According to Microsoft, a data warehouse is a central repository where an organisation stores electronic data, including datasets, metadata and the tools used for extracting, transforming and loading this information. Data warehouses are useful as they facilitate reporting and analysis enabling users to extract and transform data into meaningful insights at the individual record level as well as generating summary reports.

Source: Microsoft, What is a data warehouse [opens in new tab]

Modifying data to remove identifying details, protecting individual privacy. For example, replacing names in a dataset with unique numerical identifiers. 

A type of machine learning that uses neural networks with many layers (deep networks) to analyse complex data, such as medical images or genomic information (Wang, 2023). 

According to the Australian Digital Health Agency [opens in new tab] a digital front door is "a secure, single-access, user-friendly platform that combines healthcare data, services and information into one place. It is designed to improve the clinician and patient experience, making it easier for clinicians to access health data and consumers to access digital health services".

Global standard for storing, transmitting and viewing medical imaging data such as X-rays, MRIs and CT scans, ensuring compatibility across devices and systems.

The process through which healthcare systems transition from paper-based records to electronic systems, aiming to improve clinical outcomes, efficiency, and care coordination (Tsai et al., 2020).

In Australia, we use the term EHR to refer to the longitudinal health records that contain summary information of a person's health information, from cradle to the grave and includes immunisation records, discharge summaries, medications and prescriptions filled, imaging and pathology results.  It can be used interchangeably with EMR or electronic medical record.

In other countries it is a term used to describe the digital version of a paper chart. It includes a comprehensive collection of a medical history, such as demographics, progress notes, medications, vital signs, past medical history, laboratory data, and radiology reports from a particular provider (American Medical Association [opens in new tab]).

A digital version of a patient's medical history maintained by healthcare providers, used primarily for documenting diagnoses, treatments and care. 

The ease with which electronic health records (EHRs) can be used by healthcare professionals, influencing safety outcomes and adoption (Classen et al., 2023).

According to ISO 9241-11, "usability is the extent to which a product can be used by specified users to achieve their goals with effectiveness, efficiency, and satisfaction in a specified context of use."

Source: ISO/TS 20282-2:2013(en) Usability of consumer products and products for public use — Part 2: Summative test method [opens in new tab]

A form of leadership where decisions are guided by moral principles, focusing on honesty, integrity, fairness, and respect for the rights and dignity of others.

Exploit refers to a piece of software, code, or technique used by an attacker to take advantage of a specific vulnerability or weakness in a system or network. 

A modern standard for exchanging healthcare data in real-time, designed to facilitate interoperability through the use of APIs (Mandel et al., 2016; HL7 International, 2023).

A set of standards developed by HL7 that enables electronic health records and other systems to exchange and integrate healthcare information efficiently using modern web technologies like APIs.

Source: Australian Digital Health Agency FHIR [opens in new tab]

Basic data exchange between systems without the need for data interpretation (Hughes & Karla, 2023).

This acronym describes the European Union General Data Protection Regulation (GDPR) Source : Voigt, P., & Bussche, A.V. (2017). The EU General Data Protection Regulation (GDPR): A Practical Guide. Springer, Cham, Switzerland. https://dl.acm.org/doi/10.5555/3152676

A primary care physician who provides healthcare services to individuals and families, focusing on preventive care, diagnosis and treatment of a wide range of non-emergency conditions. 

The use of computational tools and AI to analyze genetic data to identify disease markers, enabling personalized treatment and targeted therapies (Nardone et al., 2024).

Governance refers to the framework through which an organisation is directed and managed, including the processes that ensure accountability for both the organisation and its members. Key components of governance include ethics, risk management, compliance, and administration.

Source:  Governance Institute of Australia [opens in new tab])

An interdisciplinary field that combines computer science, healthcare, and information science to improve healthcare delivery, decision-making, and management through the optimization of health information collection, storage, retrieval, and utilization (Buntin et al., 2011).

Under the Privacy Act in Australia, health information includes personal data related to an individual's health, such as illnesses, disabilities, and injuries. It covers opinions about health, future health services, provided health services, donation information, genetic data, and details like name, address, billing information, and Medicare number. It is classified as sensitive information.

Source: Commonwealth of Australia (1988) The Privacy Act [opens in new tab]

A health intervention is defined as “an act performed for, with or on behalf of a person on a population whose purpose is to assess, improve, maintain, promote or modify health, functioning or health conditions” (World Health Organization, 2025c).

A set of international standards that guide the exchange, integration and retrieval of electronic health information, promoting interoperability among health information systems.

Source: ISO: Global standards for trusted goods and services

An acronym that stands for the Health Insurance Portability and Accountability Act. This Act, from the United States is designed to improve efficiency and requires health services to adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security.

Source: HIPPA for Professionals [opens in new tab]

A hospital-acquired complication (HACS) is defined by the Independent Health and Aged Care Pricing Authority (2022) as “a complication that occurs during a hospital stay and for which clinical risk mitigation strategies may reduce (but not necessarily eliminate) the risk of that complication occurring”(IHACPA, 2024).

A framework of principles, policies, and procedures for managing an organisation's information assets to support its strategic, clinical, and operational goals.

The security goal that aims to ensure that data remains accurate, complete, and unaltered during storage, transmission, or processing. It involves maintaining the consistency and trustworthiness of data and systems, guarding against unauthorised modification, tampering, or corruption. 

The ability of different healthcare systems and devices to exchange and use patient data in a coordinated manner, which improves care and reduces errors (HIMSS, 2021). 

A process of continuously refining digital tools through repeated cycles of testing, feedback, and adjustment to improve usability and engagement (Vilardaga et al., 2018). 

Quantifiable measures used to evaluate the success of an organisation or a specific activity in achieving its key objectives.

Leadership: The social relationship between two or more persons who depend on each other to attain certain mutual goals in a group situation (Babich and Smith, Leadership and Management in Learning Organizations)

A regional health authority in New South Wales, Australia, responsible for managing public hospitals and healthcare services within its designated area to deliver integrated care. 

A legal requirement for organisations to report certain data breaches to authorities and affected individuals, often within a specific timeframe, under the Notifiable Data Breach (NDB) scheme a 30-day timeframe for assessing and reporting eligible data breaches was established.

Metadata provides essential information about data, for example,  how it was collected and descriptions of data items.  This enables accurate interpretation and understanding of data quality. Metadata, for example clarifies date formats and explains derived data such as age based on date of birth, including any assumptions or fillers used.  This helps users assess data reliability and avoid misinterpretation.

Source: Australian Bureau of Statistics [opens in new tab]

Applications designed for smartphones and wearable devices that allow patients to monitor their health, manage chronic conditions, and communicate with healthcare providers (Goel & Taneja, 2023).

Australia's national personally controlled electronic health record system, which provides an online summary of an individual's key health information.

NIST stands for the National Institute of Standards and Technology, a non-regulatory federal agency in the United States that develops and promotes standards, guidelines, and best practices for various fields, including cybersecurity.

According to the Australian Institute of Health and Welfare, in the health context, a "National Minimum Data Set (NMDS) is a standardised core set of data elements agreed upon for mandatory national collection and reporting in the health sector, allowing for uniform data collection while permitting additional data gathering for specific needs. In the Australian context, definitions of the individual data elements are contained in the National Health Data Dictionary stored in METEOR along with the specifications for each NMDS".

Source: Australian Institute of Health and Welfare (2003), Admitted patient care national minimum data set: national health data dictionary version 12  https://www.aihw.gov.au/reports/hospitals/admitted-patient-care-nmds/summary

A branch of AI focused on enabling machines to understand, interpret, and respond to human language, often used to analyse unstructured clinical text in EHRs and medical records (Miotto et al., 2016). 

An ontology is a formal system that defines and organises concepts, categories, and relationships within a specific domain or field of knowledge. It's essentially a structured way of representing what exists and how different things relate to each other. At its simplest, think of ontology as a detailed map or classification system that shows how various concepts are connected and interact with one another.

An ontology is a formal description of knowledge as a set of concepts within a domain and the relationships that hold between them. It ensures a common understanding of information and makes explicit domain assumptions thus allowing organisations to make better sense of their data. (Ontotext, 2025)

An ontology-based definition, in the context of computer science and information systems, refers to a structured and formalised way of representing knowledge about a specific domain. It defines the entities, their properties, and the relationships between them, creating a shared and understandable vocabulary for users (Ontotext, 2025).

Personal information refers to any details that can identify an individual, including their health records, demographics, and contact information. The definition included within the Privacy Act (1988) [opens in new tab] is ‘Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.’

A personalised approach to healthcare that tailors treatments based on individual genetic profiles, lifestyle, and other characteristics, facilitated by advancements in genomics, big data, and AI (Collins & Varmus, 2015).

The protection of individuals' personal information and their rights to control how their data is collected, used, and shared. It involves implementing measures to safeguard sensitive data from unauthorised access, misuse, or disclosure. 

Quality improvement (QI) utilises a wide variety of methods and tools to understand quality issues and causes and design solutions to solve problems. 

Risk Appetite is an organisation's willingness or tolerance to accept and manage risks. 

The systematic process of identifying, analysing, evaluating, treating, and monitoring risks to minimise their negative impact on an organisation.

The use of AI-powered software robots to automate repetitive, rule-based administrative tasks such as appointment scheduling, billing, and claims processing (Radaelli et al., 2024). 

Allows systems to interpret and use exchanged data meaningfully, ensuring that the data retains its context and relevance across different platforms (Hughes & Karla, 2023).

Private data requiring extra protection due to its sensitive nature, like health records, financial details.

A leadership philosophy where the leader's main goal is to serve their team and organisation, focusing on the growth and well-being of people and the communities to which they belong.

SNOMED CT (Systematized Nomenclature of Medicine -- Clinical Terms) is a comprehensive, multilingual clinical healthcare terminology system that provides standardised clinical terms and codes for documenting patient care, enabling consistent sharing and analysis of health information across healthcare systems.

The process of managing the expectations and engagement of individuals, groups, or organisations that have an interest in a project or organisation's outcomes.

The challenges faced by low and middle-income countries (LMICs) in adopting universal data standards, creating disparities in health data exchange capabilities (Borges et al., 2023). 

A leadership style focused on setting long-term vision and direction, motivating and inspiring others, and adapting to change to ensure the organisation's sustained success.

Ensures data is organised and preserved during exchange between systems, facilitating meaningful use of the data (Hughes & Karla, 2023).

The growing use of remote healthcare services, including virtual consultations and monitoring, particularly in underserved regions (Grygorian et al., 2024).

A leadership style where leaders inspire and motivate their team to innovate and create change that will help grow and shape the future success of the organisation.

Universal Health Coverage (UHC) means that all people have access to the full range of quality health services they need, when and where they need them, without facing financial hardship. 

Health information received by a healthcare organisation where the healthcare organisation has not taken any steps to collect the information.

Source: Office of the Australian Information Commissioner, Chapter 4 APP4 Dealing with unsolicited personal information [opens in new tab].

The overall experience of users when interacting with a system or product, including ease of use, efficiency, and satisfaction. 

A design approach that involves end users (patients, clinicians, etc.) in the development process to create intuitive and effective digital health tools (Johnson et al., 2005; Duffy et al., 2022).