What is Considered PHI Under HIPAA?

What is Considered PHI Under HIPAA?


Published: September 30th, 2019

PHI stands for Protected Health Information. According to the HIPAA Privacy Rule, protected health information is identifiable information related to the present, past, or future health status of a patient. It includes all personal health information that is created, collected, transmitted or maintained by a HIPAA-covered entity concerning the provision of healthcare or payment for healthcare services. (1) PHI consists of spoken information, physical records, or electronic records. (For example- health records, health histories, test results, and medical bills) Demographic data is also considered protected health information. Additionally, standard identifiers such as patient names, Social Security numbers, Driver’s license numbers, insurance details, and birth dates are also considered PHI when linked with health information.

The 18 identifiers that make health information PHI are:

  • Names
  • Dates, except year
  • Telephone numbers
  • Geographic data
  • FAX numbers
  • Social Security numbers
  • Email addresses
  • Medical record numbers
  • Account numbers
  • Health plan beneficiary numbers
  • Certificate/license numbers
  • Vehicle identifiers and serial numbers including license plates
  • Web URLs
  • Device identifiers and serial numbers
  • Internet protocol addresses
  • Full face photos and comparable images
  • Biometric identifiers (i.e. retinal scan, fingerprints)
  • Any unique identifying number or code

The HIPAA Privacy Rule provides protections and rights for PHI held by covered entities. Additionally, the Privacy Rule permits the disclosure of personal health information needed for patient care and other necessary care related purposes.

According to the HIPAA Security Rule, covered entities and their business associates are required to ensure the appropriate technical, physical, and administrative safeguards are implemented to safeguard the confidentiality, integrity, and availability of PHI.

For questions regarding PHI or HIPAA regulations contact the experts at MedSafe. MedSafe is the nation's leading one-stop resource for outsourced safety and health compliance solutions in healthcare.

Toll-free: (888) MED-SAFE

www.medsafe.com


References:

https://www.hipaajournal.com/considered-phi-hipaa/

https://www.hipaajournal.com/what-is-considered-protected-health-information-under-hipaa/

https://www.hhs.gov/answers/hipaa/what-is-phi/inde...