The health care industry is full of complex terminology. If you’re not a medical professional, the jargon can be difficult to decipher. In addition to a lot of hard-to-spell – and pronounce – monosyllabic words, there are myriad acronyms. 

The linguistic landscape is filled with names like FMLA, IME, FCE, HIPAA, IRO and URAC; which is why MLS Group of Companies wants to help you understand it all. 


Independent Review Organization; MLS is an IRO. IRO’s are defined as third-party medical review resources, which provide objective, unbiased determinations that support effective decision-making based only on medical evidence.   

An IRO utilizes board-certified, medically trained physicians to review case evidence in a timely manner, resulting in increased clinical accuracy, improved member satisfaction and strict adherence to numerous compliance requirements such as URAC.  


URAC was originally incorporated under the name Utilization Review Accreditation Commission. That name was shortened to the acronym URAC when they began accrediting other types of organizations such as health plans, pharmacies, and provider organizations.   

As an independent, third-party quality validator, URAC offers more than 30 accreditation and certification benchmarking products that enable learning and compliance with nationally recognized standards. Its programs are designed for companies all across the healthcare industry. 


The National Association of Independent Review Organizations, a member-driven, non-profit association, classifies itself as the “leading voice of independent medical peer review.” NAIRO’s primary objectives are developing guidelines for solving common industry problems, promoting standards for reviews, educating consumers about their rights for claims appeal and helping define the role of IROs in the evolving health care landscape. 

The association promotes the capability of independent review organizations and utilization management providers to render increased transparency for payers and providers, decreased risk through proactive risk management and improved member satisfaction through unbiased, evidenced-based external determination. 


The National Committee for Quality Assurance is an independent 501 nonprofit organization that works to improve health care quality through the administration of evidence-based standards, measures, programs, and accreditation. 

The NCQA operates on a formula of measure, analyze, and improve and it aims to build consensus across the industry by working with policymakers, employers, doctors, and patients, as well as health plans. 

The NCQA accreditation process takes about 12 months and is the only industry program that bases results on clinical performance and consumer experience. More than 1,000 health plan products have achieved NCQA Health Plan Accreditation, with an estimated 173 million people enrolled in NCQA-accredited health plans. 


The American Institute of CPAs is the world’s largest member association representing accountants, with a long history of serving the public interest. As defined by AICPA, System and Organization Controls (SOC) for Service Organizations are reports produced during an audit, which provide “valuable information that users need to assess and address the risks associated with an outsourced service.” SOC reports provided by AICPA assist service organizations to build trust and confidence in the service performed and controls related to it. MLS has achieved SOCII Type 2 Security accreditation through AICPA. 


A privately held company, the Health Information Trust Alliance created and maintains the Common Security Framework (CSF), which “provides organizations with a comprehensive, flexible and efficient approach to regulatory compliance and risk management.” According to HITRUST, the certifiable CSF provides “the needed structure, transparency, guidance and cross-references to authoritative sources organizations globally need to be certain of their data protection compliance.” 


The Health Insurance Portability and Accountability Act is one of the most prominent regulations in the industry. One of its key goals is to “assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well-being.”  

Under HIPAA, covered entities – such as providers, payers and clearinghouses that create, receive or transmit PHI – have to ensure they’re compliant with the Security Rule of HIPAA and its administrative, physical and technical safeguards. Administrative safeguards consist of data access, risk analysis, staff training and more, while technical ones are access and audit controls, integrity processes and transmission security. Physical safeguards include protections for workstations and devices and facility access. 

Criminal penalties for HIPAA violations vary from a fine of $50,000 to $250,000 and can include up to 10 years of jail time. Civil HIPAA violations range from $100 to $50,000, depending if it was unknowing or willful neglect. 


Independent medical examination occurs when a licensed physician conducts an examination of a patient to review that person’s condition. Though a peer review is done on paper, an IME is used for a second opinion, often after a peer or utilization review has already taken place. 

These examinations usually are requested by self-insured employers and companies that deal with labor and industry. Once the examination is completed, the selected physician develops a report on it and submits it to the payer or employer.  

For MLS and many others, these terms are used during everyday conversations, and MLS wants to help everyone feel confident when working with an IRO that we are here to guide and support all parties we encounter. To find out more about the services MLS offers please visit us at   

Subscribe to our blog to learn more about issues and trends affecting the health care industry. 

A guide to peer review and other health care terms from an Independent Review Organization. (IRO)