Glossary
Technical, medical, and Noumaris-specific terminology.
Medical Terms
Clinical Documentation
| Term | Definition |
|---|---|
| Clinical Scribe | Professional who documents patient encounters in real-time, allowing clinicians to focus on patient care |
| Encounter | A single patient visit or interaction; the unit of clinical documentation |
| SOAP Note | Structured clinical note format: Subjective, Objective, Assessment, Plan |
| EMR | Electronic Medical Record - digital version of patient charts |
| EHR | Electronic Health Record - comprehensive patient health information across providers |
| PHI | Protected Health Information - any individually identifiable health information (HIPAA term) |
Healthcare Roles
| Term | Definition |
|---|---|
| Resident | Medical doctor in specialty training program (after medical school) |
| PGY | Post-Graduate Year (PGY-1 = first year resident, PGY-2 = second year, etc.) |
| Attending | Senior physician who supervises residents and medical students |
| Institution | Hospital, clinic, or healthcare organization |
Specialties
| Term | Definition |
|---|---|
| Family Medicine | Primary care for patients of all ages |
| Internal Medicine | Adult medical care, non-surgical |
| Pediatrics | Medical care for children |
| Emergency Medicine | Acute care in emergency departments |
Technical Terms
Authentication & Authorization
| Term | Definition |
|---|---|
| JWT | JSON Web Token - secure way to transmit authentication claims between parties |
| OAuth2 | Authorization framework allowing third-party applications to access user data |
| OIDC | OpenID Connect - identity layer on top of OAuth2 |
| RBAC | Role-Based Access Control - permissions based on user roles |
| SSO | Single Sign-On - one login for multiple applications |
| Realm | Keycloak namespace for users, roles, and clients |
| Service Account | Non-human account for machine-to-machine authentication |
Backend & Infrastructure
| Term | Definition |
|---|---|
| REST API | Representational State Transfer - web API using HTTP methods (GET, POST, PUT, DELETE) |
| WebSocket | Protocol for full-duplex communication (used for live transcription) |
| ORM | Object-Relational Mapping - database abstraction layer (SQLAlchemy) |
| Migration | Database schema version control (Alembic) |
| VPC | Virtual Private Cloud - isolated network in cloud environment |
| IaC | Infrastructure as Code - managing infrastructure via version-controlled config files |
| CI/CD | Continuous Integration/Continuous Deployment - automated testing and deployment |
Frontend
| Term | Definition |
|---|---|
| SPA | Single-Page Application - web app that loads once and updates dynamically |
| HMR | Hot Module Replacement - update code without full page refresh |
| SSR | Server-Side Rendering - generate HTML on server |
| CSR | Client-Side Rendering - generate HTML in browser (React default) |
| Hydration | Attaching React to server-rendered HTML |
| Virtual DOM | In-memory representation of UI for efficient updates |
Data & APIs
| Term | Definition |
|---|---|
| CRUD | Create, Read, Update, Delete - basic data operations |
| Rate Limiting | Restricting number of API requests per time period |
| Cache Invalidation | Marking cached data as stale and refreshing it |
| Optimistic Update | Update UI immediately, rollback if server request fails |
| Pagination | Splitting large datasets into pages |
Noumaris-Specific Terms
Core Concepts
| Term | Definition |
|---|---|
| encounter_id | UUID uniquely identifying a patient encounter/session |
| Template | Pre-defined structure and prompts for generating clinical notes |
| Template System | User-created and public templates with tags for organization |
| TipTap JSON | Rich text document format used to store clinical notes in database |
| Context | Additional information provided by clinician (patient history, visit reason) |
Permissions & Roles
| Term | Definition |
|---|---|
| Superadmin | System-wide administrator (manages all institutions) |
| Institution Admin | Manages users and permissions within their institution |
| Resident | Medical trainee with institution-controlled feature access |
| User | Standard physician role with full feature access |
| Permission Tier | Feature-based permission level (individual or bulk managed) |
| Feature Permission | Granular access control for specific features (e.g., live transcription) |
System Components
| Term | Definition |
|---|---|
| Live Transcription | Real-time WebSocket audio streaming to Deepgram |
| Note Generation | Claude AI converting transcript + context into structured note |
| Version History | Track changes to clinical documents over time (DocumentVersion model) |
| Tag Categories | Taxonomy for organizing templates (Specialty, Visit Type, Document Type) |
Acronyms
| Acronym | Full Term |
|---|---|
| ADR | Architecture Decision Record |
| API | Application Programming Interface |
| BAA | Business Associate Agreement (HIPAA) |
| CDN | Content Delivery Network |
| CORS | Cross-Origin Resource Sharing |
| CSP | Content Security Policy |
| DTO | Data Transfer Object |
| HIPAA | Health Insurance Portability and Accountability Act |
| IAM | Identity and Access Management |
| JSON | JavaScript Object Notation |
| LLM | Large Language Model |
| PIPEDA | Personal Information Protection and Electronic Documents Act (Canada) |
| SQL | Structured Query Language |
| TLS | Transport Layer Security |
| UUID | Universally Unique Identifier |
| XSS | Cross-Site Scripting |
Database Terms
| Term | Definition |
|---|---|
| Schema | Structure of database tables and relationships |
| Foreign Key | Column referencing primary key in another table |
| Index | Database structure to speed up queries |
| Transaction | Group of operations that succeed or fail together (ACID) |
| ACID | Atomicity, Consistency, Isolation, Durability - database reliability properties |
| Join | Combining rows from multiple tables based on relationship |
| N+1 Query Problem | Performance issue where 1 query spawns N additional queries |
Cloud & DevOps
| Term | Definition |
|---|---|
| Cloud Run | Google Cloud serverless container platform |
| Cloud SQL | Google Cloud managed database service |
| Secret Manager | Secure storage for API keys and credentials |
| Artifact Registry | Docker image storage in Google Cloud |
| Cloud Build | Google Cloud CI/CD service |
| Revision | Immutable snapshot of deployed Cloud Run service |
| Scale to Zero | Automatically scaling down to 0 instances when idle |
| Cold Start | Delay when scaling from 0 to 1 instance |
Development Terms
| Term | Definition |
|---|---|
| PR | Pull Request - code review and merge request |
| Merge Conflict | When Git can't automatically merge changes |
| Rebase | Replay commits on top of another branch |
| Stash | Temporarily save uncommitted changes |
| Cherry-pick | Apply specific commit to another branch |
| Hotfix | Urgent fix deployed directly to production |
| Feature Flag | Toggle feature on/off without deploying code |
Security Terms
| Term | Definition |
|---|---|
| SQL Injection | Attack inserting malicious SQL via user input |
| XSS | Cross-Site Scripting - injecting malicious scripts into pages |
| CSRF | Cross-Site Request Forgery - unauthorized actions on behalf of user |
| Salt | Random data added to password before hashing |
| Hash | One-way cryptographic function (passwords stored as hashes) |
| Encryption at Rest | Data encrypted when stored on disk |
| Encryption in Transit | Data encrypted during transmission (TLS) |
Next Steps
- Commands Reference - Quick command lookup
- Architecture Overview - System design
- API Documentation - Complete API reference