PHI stands for Protected Health Information. According to the HIPAA Privacy Rule, protected health information is identifiable information related to the present, past, or future health status of a patient. It includes all personal health information that is created, collected, transmitted or maintained by a HIPAA-covered entity concerning the provision of healthcare or payment for healthcare services. (1) PHI consists of spoken information, physical records, or electronic records. (For example- health records, health histories, test results, and medical bills) Demographic data is also considered protected health information. Additionally, standard identifiers such as patient names, Social Security numbers, Driver’s license numbers, insurance details, and birth dates are also considered PHI when linked with health information.
The 18 identifiers that make health information PHI are:
The HIPAA Privacy Rule provides protections and rights for PHI held by covered entities. Additionally, the Privacy Rule permits the disclosure of personal health information needed for patient care and other necessary care related purposes.
According to the HIPAA Security Rule, covered entities and their business associates are required to ensure the appropriate technical, physical, and administrative safeguards are implemented to safeguard the confidentiality, integrity, and availability of PHI.
For questions regarding PHI or HIPAA regulations contact the experts at MedSafe. MedSafe is the nation's leading one-stop resource for outsourced safety and health compliance solutions in healthcare.
Toll-free: (888) MED-SAFE