Secure Services Corp. - Support

Secure Services Corp. - Support
Support FAQ's Glossary of Terms

Algorithm: a formalized set of rules for carrying out a computation or solving a problem in a finite number of steps. A cryptographic algorithm is a method for transforming information, so that it is not intelligible until it is decrypted.
Authentication: security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information.

CCR: Continuity of Care Record
Certificate: a digital representation of information that binds the user's identification with the user's public key in a trusted manner. At minimum, this information (1) identifies the certification authority issuing it, (2) names or identifies its user, (3) contains the user's public key, (4) identifies its operational period, and (5) is digitally signed by the certification authority issuing it.

CKM: Constructive Key Management: (TecSec) cryptographic key management technology that provides information security, information management and access control through cryptography; the key used for encryption is created at the time of encryption and then destroyed. This key is then reconstructed at decryption.
CMS: Card Management System.

CMS: Centers for Medicare and Medicaid Services; Formerly known as the Health Care Financing Administration (HCFA), the federal agency responsible for administering the Medicare, Medicaid, SCHIP (State Children's Health Insurance), HIPAA (Health Insurance Portability and Accountability Act), CLIA (Clinical Laboratory Improvement Amendments), and several other health-related programs.

Cryptography: the science of writing or solving codes; the art and science of keeping information secure. It deals with the design of algorithms for encryption and decryption, intended to ensure the privacy and/or authenticity of messages:

Asymmetric (or public-key) encryption: A form of cryptosystem in which encryption and decryption are performed using two different, but mathematically related keys: one is made public and the other is kept private.

Symmetric (conventional) encryption: A form of cryptosystem in which the same key is used for both encryption and decryption. Both sender and receiver must possess the key, which must remain private to protect the communication.

Elliptic curve cryptography: A newer public-key cryptosystem that potentially can provide comparable levels of security but with faster calculations using smaller key sizes than the older methods.

Decryption: The process of transforming encrypted text or data (called cipher text) into original text or data (called plain text).

EHR: Electronic Health Record.

EMR: Electronic Medical Record - a legal record created in hospitals and ambulatory environments that is the source of data for the EHR.

Encryption: the process of transforming data, also referred to as cleartext or plaintext, into unreadable information, also referred to as ciphertext, in such a way that the original data either cannot be obtained (one-way encryption) or cannot be obtained without using the inverse decryption process.

HIPAA: Health Insurance Portability and Accountability Act (HIPAA) of 1996; allows persons to qualify immediately for comparable health insurance coverage when they change their employment relationships; standards for the electronic exchange of health care data; to require the use of national identification systems for health care patients, providers, payers (or plans), and employers (or sponsors); and to specify the types of measures required to protect the security and privacy of personally identifiable health care information.

Intercede: developer and supplier of powerful smart card and identity management software, which enables technology partners, service providers and systems integrators to quickly and easily incorporate smart cards and associated digital credentials into their products, solutions or services; identity management solutions: ID cards, citizen, driving license, health and transportation card programs.

ISO: International Organization for Standardization.
Key: in cryptography, the procedure that is used to encipher the message so that it appears as unintelligible "gibberish". The key is also required for decryption. Any piece of information, usually a number contained in a certain minimum number of bits, needed or used to encrypt or decrypt a message.

Key Management: the processes and procedures for providing the generation, distribution, tracking, control and destruction for all cryptographic key material, symmetric keys as well as public keys and their associated certificates.

MULTOS: The first open, high security, multi-application operating system for smart cards.

PHI: Patient Health Information.

PHR: Personal Health Record.

PIN: Personal Identification Number: a PIN is a 6 to 8 digit number used for Common Access Card identity verification and security. The PIN acts as a security code for the cardholder and prevents others from using one's CAC fraudulently or gaining access to his/her private key.

PKI: Public Key Infrastructure (authenticating identity of participants); also called a trust hierarchy; Framework established to issue, maintain, and revoke public key certificates. A system of Digital Certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. By managing keys and certificates through a PKI, an organization establishes and maintains a trustworthy networking environment. A PKI enables the use of encryption and digital signature services across a wide variety of applications. In a typical PKI deployment, each user is assigned a pair of linked keys: a public key available to others through a CA, and a private key, which is kept secret on the user's client. A user sending a secure message uses the receiver's public key to encrypt the transmission so that only the intended recipient can read the message.

POS: point of service capabilities.

Phishing: the practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization's logo, in an attempt to steal passwords, financial or personal information, or introduce a virus attack; the creation of a Web site replica for fooling unsuspecting Internet users into submitting personal or financial information or passwords.

SHAPE™: Secure Health And Privacy Environment.

Smart Card: credit card size card with an Integrated Circuit Chip (ICC).

Token: A key or methodology to open and secure the door to applications such as a bank, insurance company or health care provider. SSC is the world's only company using a MULTOS, CKM-Enabled Identity Smart Token®.

Acronyms

AHIC - American Health Information Network
ANSI - American National Standards Institute
CA - Certificate Authority
CC - Chronic Care
CCHIT - Certification Commission for Healthcare Information Technology
CDS - Clinical Decision Support
CHC - Community Health Centers
CHI - Consolidated Health Informatics
CHUID - Card Holder Unique Identifier
CKM - Constructive Key Management
CMS - Centers for Medicare and Medicaid Services
CPRS - Computerized Patient Record System
EHR - Electronic Health Record
EMR - Electronic Medical Records
HCCA - Health Care Compliance Association
HHS - U.S. Department of Health & Human Services
HIE - Health Information Exchange
HIPAA - Health Insurance Portability and Accountability Act
IOS - Independent Organization Sales
IT - Information Technology
KMA - Key Management Authority
LHR - Legal Health Record
LLC - Limited Liability Company
NBSP - National Biometric Security Project
OEM - Original Equipment Manufacturer
PDA - Personal Digital Assistant
PHR - Personal Health Record
PIN - Personal Identification Number
PIV - Personal Identity Verification
PKI - Public Key Infrastructure
SHAPE - Secure Health And Privacy Environment
SMA - Smart Card Alliance
SSC - Secure Services Corp.
TSA - Transportation Security Administration