Glossary
Begin typing to filter the list
Acceptance Test Plan (ATP)
An Acceptance Test Plan is used by testers to determine if a software is acceptable for general release.
Association of Minnesota Counties (AMC)
Association of Minnesota Counties. Reference: http://mncounties.org/
Authentication
The process of verifying the identity ofother attributes of an entity (user, process, or device).
Authorization
A process of determining, by evaluating applicable access control information, whether a sunject is allowed to have the specified tpes of acces to a particular resource.
Blacklist
A list of entities that are blocked or denied privileges or access.
Blended Attack
A cyber attack that comprises multiple attack vectors and malware is known as a blended attack. Such attacks usually cause severe damage to targeted systems.
Bug
An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device.
Bureau of Criminal Apprehension (BCA)
Bureau of Criminal Apprehension (BCA). Reference: https://dps.mn.gov/divisions/bca/
Business Continuity Plan (BCP)
An outlined document that explains how an organizationw will operate during an unplanned disruption.
Bring Your Own Device (BYOD)
Child & Teen Check Ups (CATCH3 or C&TC)
CATCH3 is a software system used by C&TC Coordinators and outreach staff to track enrolled children, document outreach, and provide follow-up activities to families and children. Reference:http://www.dhs.state.mn.us/main/idcplg?IdcService=GET_DYNAMIC_CONVERSION&RevisionSelectionMethod=LatestReleased&dDocName=id_000307
Chief Information Officer (CIO)
Chief Information Security Officer (CISO)
Chief Security Officer (CSO)
Clickjacking
A technique used by an attacker to inject malicious code in clickable content in websites. Clickjacking is usually done to record the victim's clicks on the intere=net or drop a malware infection on the system.
Continuity of Operations Plan
A document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption of potential disruption.
Community Health Board (CHB)
The Community Health Board is the legally recognized governing body for local public health in Minnesota. It is the only government entity eligible for funding under the Local Public Health Act grant. CHBs have statutory responsibility under the Local Public Health Act, and work in partnership with the Minnesota Department of Health (MDH) to address the areas of public health responsibility. Reference: https://www.health.state.mn.us/communities/practice/connect/findlph.html.
Computer Aided Mass Appraisal (CAMA)
Computer Aided Mass Appraisal (CAMA) software used by county assessors.
Compuer Emergency Response Team
Court Services Tracking System (CSTS)
CSTS is a statewide software system owned by MnCCC and managed by the Corrections User Group. Representation on the Corrections Executive Committee from all three probation organizations - Department of Corrrections (DOC), Minnesota Association of Community Correction Act Counties (MACCAC), and Minnesota Association of County Probation Officers (MACPO).
Critical Infrastructure
The systems and assests, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.
Cyber Security Incident Response Team (CSIRT)
Dailies
A term used in PH-Doc to track time, mileage, and expenses associated with a workday. There are four kinds of dailies: service to individuals, service to groups, service to clinics, and miscellaneous. Dailies are the source for service reporting, time studies, billing, and payroll and expense interfaces.
Data Mining
The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations.
Department of Corrections (DOC)
Minnesota Department of Corrections (DOC or MDOC). Reference: https://mn.gov/doc/
Department of Homeland Security (DHS)
Digital Forensices
The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes.
Digital Signature vs. Electronic Signature
A digital signature is a value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. An electronic signature is a mark in an electronic form associated with an electronic document, applied with the intent to sign the document.
Discretionary Access Control (DAC)
Domain Name System (DNS)
Doodle, Doodle Poll
A quick, easy, and free software to survey everyone's schedules and coordinate a date and time for a meeting. Check it out: https://doodle.com
Electronic Health Record (EHR)
A real-time patient health record with access to evidence-based decision support tools that can be used to aid clinician decision-making. The EHR can automate and streamline a clinician's workflow, ensuring that all clinical information is communicated. It can also prevent delays in response that result in gaps in care, and support the collection of data for billing, quality management, outcome reporting, and public health disease surveillance and reporting. An EHR is considered more comprehensive than the Electronic Medical Record (EMR). Reference: https://www.healthit.gov/faq/what-electronic-health-record-ehr
Email Spoofing
How an attacker crafts the header of a malicious email so that user is tricked into viewing it. This technique is typically used in phishing attacks.
Family Home Visiting (FHV)
Family home visiting (FHV) is a voluntary, home-based service ideally delivered prenatally through the early years of a child's life. It provides social, emotional, health-related and parenting support and information to families, and links them to appropriate resources. Reference: https://www.health.state.mn.us/communities/fhv/index.html
Finance & General Government (F&GG)
MnCCC's Finance & General Government which manages an array of contracts with software and services utilized by Auditors, Treasurers, and Finance Officers, including, but not limited to, Payroll, HR, Asset Management, IFS, Elections, and more.
Follow-Along Program (FAP)
The FAP application is provided by the Minnesota Department of Health (MDH) to monitor infants and toddlers using ASQ forms and letters. PH-Doc has the ability to integrate the FAP database ("integrated mode") when both databases are available on the agency’s network. This is made available through the FOLLOW ALONG application. Integration involves pulling PH-Doc clients into FAP or pushing FAP clients into PH-Doc, auto-synchronizing notes (including ASQ scores) and identifying differences in demographics and address information.
General Data Protection Regulation (GDPR)
General Data Protection Regulation allows users to have access to their information and have a say in how it is stored and used.
Geographic Information System (GIS)
A Geographic Information System (GIS) is designed to capture, store, manipulate, analyze, manage, and present spatial or geographic data. GIS softwares are used by individuals, communities, research institutions, environmental scientists, health organizations, land use planners, businesses, and government agencies at all levels.
Global Public Inclusive Infrastructure (GPII)
The purpose of the Global Public Inclusive Infrastructure (GPII) is to ensure that everyone who faces accessibility barriers due to disability, literacy, digital literacy, or aging, regardless of economic resources, can access and use the Internet and all its information, communities, and services for education, employment, daily living, civic participation, health, and safety. For more information, please visit: https://gpii.net/
Governance Risk and Compliance (GRC)
Health Data Intermediary (HDI)
An organization that provides the infrastructure to connect clinical information systems to facilitate secure transmission of health information.
Health Information Exchange (HIE)
The electronic transmission of health care-related data among facilities, health information organizations (HIO), and government agencies according to national standards
Health Information Organization (HIO)
An organization that provides all electronic capabilities for the transmission of clinical transactions necessary for ‘meaningful use’ of electronic health records in accordance with nationally recognized standards.
Health Information Technology for Economic and Clinical Health (HITECH)
Addresses changes to privacy and security, including breach notifications, personal access requirements, and the application of the HIPAA security rule to Business Associates. It is part of the American Recovery and Reinvestment Act of 2009.
Health Insurance Portability and Accountability Act (HIPAA)
The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (HHS) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Privacy Rule standards address the use and disclosure of individuals’ health information—called "protected health information" (PHI) by organizations subject to the Privacy Rule ("covered entities") — as well as standards for individuals' privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (OCR) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties. Reference: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html.
Health Interoperability Service Provider (HISP)
An Internet vendor that provides security and transport services for directed health information exchange based on the Direct protocol. An HISP provides the exchange needs for the source and destination for the delivery and receipt of electronic health information, but without any governance responsibilities.
Health Level 7 (HL7)
An organization and a set of standards dedicated to developing standards for the exchange of electronic health information.
Hypertext Transfer Protocol (HTTP)
Hypertext Transfer Protocol Secure (HTTPS)
Incident
An occurence that actually or potentially results in adverse consequences to an information system or the information that the system process, stores, or transmits and that may require a response actual to mitigate the consequences.
Information Services Support Group (ISSG)
MnCCC's IT group that shares knowledge, assists one another with software and hardware challenges, and works together to find cooperative solutions.
Integrated Financial System (IFS)
The Integrated Financial System (IFS) is owned by MnCCC and represents 78 counties and several agencies. The Joint IFS Committee (JIC) manages IFS with representation from Human/Social Services and Auditor/Treasurer offices from the participating counties.
International Classification of Diseases (ICD)
International Classification of Diseases (ICD) Codes are used to enter diagnoses codes on an individual client chart.
Information Systems (IS)
Internet Service Provider (ISP)
Joint IFS Committee (JIC)
The Joint IFS Committee (JIC) manages IFS with representation from Human/Social Services and Auditor/Treasurer offices from the participating counties.
Juvenile/Adult Information Management System (JAIMS)
Juvenile/Adult Information Management System (JAIMS) used to be a stand alone program for managing detention centers. Now, this functionality is built into CSTS and managed by the Facility Admissions Committee.
Keylogger
Software or hardware that tracks keystroked and keyboard events, usually surrepitiously/secretly, to monitor actions by the user of an information system.
Knowledge, Behavior, and Status (KBS)
Manages ratings of client knowledge (K), behavior (B), and status (S) for any or all of the Omaha System Problems on the client’s Care Plan.
Local Area Network (LAN)
Logical Observation Identifiers Names and Codes (LOINC)
A universal coding system for the electronic exchange of laboratory test results and other observations. Under Clinical Document Architecture, LOINC codes are used for defining the type of documents shared, the content of those documents (templates), and some of the data elements within that content (e.g., smoking status). Surveys and questionnaires are typically defined using LOINC codes.
Malware
Software that compromises the operation of a system by performing an unauthorized function or process.
Maternal, Infant, and Early Childhood Home Visiting Program (MIECHV)
The Maternal, Infant, and Early Childhood Home Visiting Program gives pregnant women and families, particularly those considered at-risk, necessary resources and skills to raise children who are physically, socially, and emotionally healthy and ready to learn. Reference: https://mchb.hrsa.gov/maternal-child-health-initiatives/home-visiting-overview
Meaningful Use (MU)
A Medicare and Medicaid program that awards incentives for using certified electronic health records (EHRs) to improve patient care. MU is implemented in a phased approach over a series of three stages. The meaningful use rules define the minimum requirements that providers must meet through their use of certified EHR technology in order to qualify for incentive payments under the HITECH Act. Public Health is not a recipient of the MU incentives. Reference: https://www.healthit.gov/topic/meaningful-use-and-macra/meaningful-use
Media Access Control (MAC)
Metro Alliance for Healthy Families (MAHF)
The Metro Alliance for Healthy Families works hand-in-hand with families and community agencies in the Twin Cities region of Minnesota to build a secure foundation for babies to grow with their families. Reference: https://www.metroallianceforhealthyfamilies.org/Pages/Public/MAHFHomeForm.aspx
Minnesota Association of Assessing Officers (MAAO)
Minnesota Association of Assessing Officers provides education and information to promote excellence in property appraisal and assessment administration through professional development with the highest ethical standards. To learn more, visit: https://www.mnmaao.org/
Minnesota Association of Community Correction Act Counties (MACCAC)
Minnesota Association of Community Correction Act Counties (MACCAC). Reference: http://www.maccac.org/
Minnesota Association of County Auditors, Treasurers, and Finance Officers (MACATFO)
Minnesota Association of County Auditors Treasurers and Finance Officers, a committee of MACO. Reference: https://www.mncounty.org/page/macatfo_committees
Minnesota Association of County Officers (MACo)
Minnesota Association of County Officers. Reference: https://www.mncounty.org/
Minnesota Association of County Probation Officers (MACPO)
Minnesota Association of County Probation Officers (MACPO). Reference: https://www.macpo.net/
Minnesota Counties Computer Cooperative (MnCCC)
Minnesota Counties Computer Cooperative, also called "M-Triple C". MnCCC provides an opportunity, through our joint powers agreements with counties (and cities and agencies), to collaborate on software solutions. We have software user groups that work together to provide Minnesota specific software for use in county departments. Some groups own and manage their software; other groups are using off-the-shelf software that has been customized for Minnesota.
Minnesota Counties Intergovernmental Trust (MCIT)
Minnesota Counties Intergovernmental Trust is a joint powers entity made up of Minnesota counties and associated public entities that pool resources to provide property, casualty and workers’ compensation coverage to members. MCIT also offers risk management and loss control services. Reference: https://www.mcit.org
Minnesota County Attorney Association (MCAA)
Minnesota County Attorney Association. Reference: https://mcaa-mn.org/
Minnesota County Attorney Prosecutor Software (MCAPS)
MCAPS is the Minnesota County Attorney Prosecutor Software (MCAPS). MCAPS is owned by MnCCC and managed by the MnCCC County Attorney User Group.
Minnesota County IT Leadership Association (MNCITLA)
Minnesota County IT Leadership Association. Reference: https://www.mncitla.us/
Minnesota Department of Health (MDH)
Minnesota Department of Health (MDH). Reference: http://www.health.state.mn.us/
Minnesota Department of Human Services (MDHS)
Minnesota Department of Human Services (MDHS). Reference: https://mn.gov/dhs/
Minnesota Department of Revenue (DOR)
Minnesota Department of Revenue (DOR or MDOR). Reference: http://www.revenue.state.mn.us/
Minnesota Immunization Information Connection (MIIC)
The Minnesota Immunization Information Connection (MIIC) is a confidential system that stores electronic immunization records. MIIC makes keeping track of vaccinations easier and helps ensure Minnesotans get the right vaccines at the right time. Reference: https://www.health.state.mn.us/miic
Minnesota IT Services (MN.IT)
State of Minnesota IT Services. (MN.IT is pronounced like, “Minute”) Reference: https://mn.gov/mnit/get-help/
Minnesota Visiting Nurses Association (MVNA)
MVNA is the community connections care division for Hennepin Healthcare. We provide home care in the community through safety net programs. Our programs provide care from prenatal and birth, to chronic disease management, to end of life and bereavement. MVNA focuses on prevention, hospital follow-up, transitional care, supportive services, public health, and community health initiatives. Reference: https://www.hennepinhealthcare.org/patient-care/mvna/
Multi Factor Authentication (MFA)
National Association of County Officers (NACO)
National Association of County Officers (NACO). Reference: https://www.naco.org/
Nationwide Health Information Network (NwHIN)
A set of standards, services and policies that enable the secure exchange of health information over the internet. The NwHIN provides a foundation for the exchange of health information across diverse entities, within communities and across the county, helping to achieve the goals of the HITECH Act. Reference: https://www.healthit.gov/sites/default/files/what-Is-the-nhin--2.pdf
National Institute for Standards and Technology (NIST)
NIST
National Institute of Standards and Technology. The 800 series (NIST 800) covers cyber and information security.
Omaha System
A research-based and comprehensive practice for documentation and information management standardized taxonomy or classification system designed to document client care from admission to discharge. The hierarchy and terms include an assessment component (Problem Classification Scheme), an intervention component (Intervention Scheme), and an outcomes component (Problem Rating Scale for Outcomes). Reference: www.omahasystem.org
Operational Security (OPSEC)
Operating System (OS)
Outcome and Assessment Information Set (OASIS)
Forms developed by the Centers for Medicare and Medicaid Services (CMS).
Penetration Testing (PEN Test)
An evaluation methodology wherby assessors actively probe for vulberabilites and attempt to circumvent the security features of a network and/or information system.
Pharming
Pharming is when a user is redirected to a fake website wihtout their consent or knowledge. In most cases, the fake website looks exactly similar to the actual website that the user intended to visit.
PH-Doc
PH-Doc is a software application for local public health agencies, designed to manage the practice and maintain the electronic health record of those served. PH-Doc designed and owned by local public health agencies of the Minnesota Counties Computer Cooperative (MnCCC) .
Phishing
A digital form of social engineering to deceive individuals into provideing sensitive information.
Personal Identification Number (PIN)
Property Information User Group (PIUG)
MnCCC's Property Information User Group (PIUG) manages contracts that help share Geographic Information System (GIS) and Computer Aided Mass Appraisal (CAMA) data both internally within the county and externally with taxpayers and business partners.
Property Record Information System of Minnesota (PRISM)
Property Record Information System of Minnesota. Reference: https://www.revenue.state.mn.us/prism-property-record-information-system-minnesota
Ransomware
Ransomeware is a malicious program that performs the following malicious activities after infecting a computer: 1) Makes the system non-functional unless the victim agrees to pay a ransom. 2)Encrypts the computer's data and demands a ransom to a release it to the victim.
Recovery
The activities after an incident or event to restore essential services and operations in the short and medium term and fully restore all capabilities in the longer term.
Remote Access Services (RAS)
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer on a network without having to understand the network's details. A procedure call is also sometimes known as a "function call" or a "subroutine call."
Request for Information (RFI)
Request for Information (RFI) is a form method MnCCC and its members use to collect information about the market to determine whether or not to proceed with an RFP for software, hardware, service, or other purchase.
Request for Proposal (RFP)
Request for Proposal (RFP) is a formal method MnCCC and its members use to evaluate the market to make the best decision possible before selecting a software, hardware, service, or other purchase.
Response
The activities that addres the short-term, direct effects of an incident and may also support short-term recovery.
SIEM
System Incident and Event Management. Tools and processes that collect data generated from devices and services to perform real time and historial correlated analysis to detect security.
Single Factor Authentication (SFA)
Service Level Agreement (SLA)
Smishing
Smishing is a type of phishing attack where targets are sent fake or malicious SMSs. These SMSs are designed to steal personal information from target, or trick them into visiting a phishing website.
Social Determinants of Health (SDOH)
The social determinants of health are the conditions in which people are born, grow, live, work, and age. These circumstances are shaped by the distribution of money, power, and resources at global, national, and local levels. The social determinants of health are mostly responsible for health inequities - the unfair and avoidable differences in health status seen within and between countries. Reference: https://www.who.int/social_determinants/sdh_definition/en/
Social Engineer Toolkit (SET)
Social Services Information System (SSIS)
An application provided by the Minnesota Department of Human Services (MDHS) to manage clients seen by the county social services departments. Counties are required to use SSIS to track services provided to children
Software as a Service (SAAS)
Software Development Life Cycle (SDLC)
Spam
Spam is defined as unwanted or unexpected emails sent in bulk. Mostly, spam is used to distribute malware.
Spearphishing
An email or electronic communications scam targeted towards a spacific individual, organization, or business.
Spoofing
Faking the sending address of a transmission to gain illegal or unauthorized entry into a secure system.
SQL Injection
An SQL injection is performed by an attacker to exploit a poorly-designed application to produce unwanted database query results. For instance, an attacker can insert a malicious code into a web form that is used for user authentication. Via this code, the attacker can send his request to the database and perform illicit activites.
SQL Server Reporting Services (SRSS)
SQL Server Reporting Services is a solution that customers deploy on their own premises for creating, publishing, and managing reports on SQL databases.
Statewide Supervision System (SSS)
Statewide Supervision System (SSS). Reference: https://mn.gov/doc/staff-partners/s3/
Strategic Technologies, Inc. (STI)
Strategic Technologies, Inc. To learn more, visit: https://www.sti-software.com/default.aspx
Structured Query Language (SQL)
SQL (pronounced "ess-que-el") stands for Structured Query Language. SQL is used to communicate with a database. According to the American National Standards Institute (ANSI), it is the standard language for relational database management systems. SQL was developed at IBM and was initially called “Structured English Query Language” (SEQUEL) and pronounced “sequel”.
Systematized Nomenclature of Medicine (SNOMED)
A systematic, computer-processable collection of medical terms for both human and veterinary medicine which provides codes, terms, synonyms, and definitions that cover anatomy, diseases, findings, procedures, microorganisms, substances, etc. It allows a consistent way to index, store, retrieve, and aggregate medical data across specialties and sites of care.
TaxLink
Minnesota TaxLink is a hosted solution that helps counties share tax court case information.
Truth in Taxation (TNT)
Truth in Taxation (TnT) is a process first enacted by the legislature in 1988 to enhance public participation in Minnesota's property tax system. County auditors generate parcel-specific notices of proposed taxes for all parcels of property based on the proposed levies. Reference: https://www.revenue.state.mn.us/truth-taxation
URL Spoofing
A technique used by hackers to create a fake URL that impersonates the URL of a secure or legitimate website. A spoofed URL looks exactly like the one of the orginial website, but redirects users to a phishing or malicious site.
Vendor Contract Guidelines
MnCCC's document to provide information to our business partners and members as to what language is to be included in contracts. Posted on our website in a pdf format under our Resource Center, it is also available in word format by request. Resource Center: https://mnccc.org/rescource-center/
Virtual Local Area Network (VLAN)
Virtual Private Network (VPN)
Virus
A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propogate to another computer.
Vishing
Voice phishing where a hacker uses voice calls to trick users into divulging personal or finacial information.
Voice Over Internet Protocol (VOIP)
Website Spoofing
Website spoofing refers to creating a fake site that looks exactly like a trusted and popular website, in order to collect personal or financial information from users. Spoofed websites area created using legitimate logos, colors, designs, etc.. to make them look realistic.
Whitelist
A list of entities that are considered trustworthy and are granted access of priviledges.