HIPAA Security Reminder – What is Protected Health Information (PHI)?
The Health Insurance Portability and Accountability Act (HIPAA) mandated the adoption of Federal privacy and security regulations for protected health information (PHI). PHI is individually identifiable health information which is created or received by a health care provider, health plan, or health care clearinghouse. Such information relates to the past, present or future physical health, mental health or condition of an individual AND can be directly tied to an individual.
PHI either identifies or could be used to identify the individual and has been transmitted or maintained in any form or medium (electronic, paper or oral).
The regulations define eighteen fields as listed below which can be used to identify individuals:
- Geographic subdivisions smaller than a state, including street address, city, county, precinct, zip code and equivalent geocodes
- All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death, and all ages over 89.
- Telephone numbers
- Fax numbers
- Email addresses
- Social security numbers
- Medical record numbers
- Health plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers and serial numbers including license plate numbers
- Device identifiers and serial numbers
- Web Universal Resource Locator (URL)
- Biometric identifiers, including finger or voice prints
- Full face photographic images and any comparable images
- IP address
- Any other unique identifying number characteristic or code
If you'd like keep up to date on HIPAA Security and Privacy reminders or HIPAA-HITECH in general, please also consider (all optional!):
- Joining our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
- Following me: http://Twitter.com/AboutHIPAA
- Subscribing to our eNewsletter: https://app.e2ma.net/app/view:Join/signupId:61331/mailingId:3310893/acctId:36048
- Subscribing to our RSS feed: http://abouthipaa.com/feed/rss/
- Checking our company web site: http://clearwatercompliance.com/
- Attending a HIPAA HITECH live webinar: http://abouthipaa.com/webinars/on-demand-webinars/
- Viewing a pre-recorded webinar: http://abouthipaa.com/webinars/on-demand-webinars/