HIPAA Protected Health Information (PHI)
Jump to navigation
Jump to search
A HIPAA Protected Health Information (PHI) is a personal medical record data attribute that is personally identifying information and that was created, used, or disclosed during the course of diagnosis or treatment.
- Context:
- It can be safeguarded by ... encryption, disposal, ...
- It can (often) be accessible, copyable, and correctable by a Individual.
- …
- Example(s):
- Counter-Example(s):
- See: Covered Entity, Private Data, Impermissible Privata Data Access, Privacy For Research Participants, Medical Record, de-Identification, HIPPA.
References
2021
- (Wikipedia, 2021) ⇒ https://en.wikipedia.org/wiki/Protected_health_information Retrieved:2021-10-25.
- Protected health information (PHI) under the U.S. law is any information about health status, provision of health care, or payment for health care that is created or collected by a Covered Entity (or a Business Associate of a Covered Entity), and can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient's medical record or payment history.
Instead of being anonymized, PHI is often sought out in datasets for de-identification before researchers share the dataset publicly. Researchers remove individually identifiable PHI from a dataset to preserve privacy for research participants.
There are many forms of PHI, with the most common being physical storage in the form of paper-based personal health records (PHR). Other types of PHI include electronic health records, wearable technology, and mobile applications. In recent years, there has been a growing number of concerns regarding the safety and privacy of PHI.
- Protected health information (PHI) under the U.S. law is any information about health status, provision of health care, or payment for health care that is created or collected by a Covered Entity (or a Business Associate of a Covered Entity), and can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient's medical record or payment history.
2021
- (Wikipedia, 2021) ⇒ https://en.wikipedia.org/wiki/Protected_health_information#United_States Retrieved:2021-10-25.
- Under the U.S. Health Insurance Portability and Accountability Act (HIPAA), PHI that is linked based on the following list of 18 identifiers must be treated with special care:
- Names
- All geographical identifiers smaller than a state, except for the initial three digits of a zip code if, according to the current publicly available data from the U.S. Bureau of the Census: the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; the initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000
- Dates (other than year) directly related to an individual
- Phone Numbers
- Fax numbers
- Email addresses
- Social Security numbers.
- Medical record numbers
- Health insurance beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers and serial numbers, including license plate numbers;
- Device identifiers and serial numbers;
- Web Uniform Resource Locators (URLs)
- Internet Protocol (IP) address numbers
- Biometric identifiers, including finger, retinal and voice prints
- Full face photographic images and any comparable images
- Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data
- Under the U.S. Health Insurance Portability and Accountability Act (HIPAA), PHI that is linked based on the following list of 18 identifiers must be treated with special care:
2021
- https://www.hhs.gov/answers/hipaa/what-is-phi/index.html
- QUOTE: The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.
2020
- https://compliancy-group.com/protected-health-information-understanding-phi/
- QUOTE: ... You might be wondering about the PHI definition. HIPAA protected health information (PHI), also known as HIPAA data, is any piece of information in an individual’s medical record that was created, used, or disclosed during the course of diagnosis or treatment that can be used to personally identify them. The meaning of PHI includes a wide variety of identifiers and different information recorded throughout the course of routine treatment and billing. Collecting PHI is a necessary component of the healthcare industry, and it needs to be attended to with the proper safeguards. ...
- QUOTE: ... You might be wondering about the PHI definition. HIPAA protected health information (PHI), also known as HIPAA data, is any piece of information in an individual’s medical record that was created, used, or disclosed during the course of diagnosis or treatment that can be used to personally identify them. The meaning of PHI includes a wide variety of identifiers and different information recorded throughout the course of routine treatment and billing. Collecting PHI is a necessary component of the healthcare industry, and it needs to be attended to with the proper safeguards. ...