Home » Knowledge Center » Compliance » Defining PHI Helps Secure Information
Knowledge Center
Hot Topics

Defining PHI Helps Secure Information

Print Post
Defining PHI Helps Secure Information

Under the HIPAA Privacy Rule, protected health information (PHI) refers to health information that can identify an individual, or can be used with other available information to identify an individual. PHI requires two things:

  1. An identifier; and
  2. A piece of health information

The HIPAA privacy rule defines “individual identifiers” to include: names, addresses, Social Security numbers, telephone numbers, e-mail addresses, dates of birth, etc. Even a license plate number on a patient intake form, if it’s the only identifying information, can be considered PHI because it could be used to identify a person.

What is PHI?

PHI can come in many forms: Telephone calls and voice mails, X-rays, photos and videos, verbal interactions (e.g., overheard conversations), faxes, and digital information, such as in a patient’s electronic medical record. PHI in an electronic format is also protected by HIPAA’s security rule.

PHI is not limited to current information. It can relate to a patient’s past, present, or future physical or mental health or condition; health care provided to the individual, or; the past, present, or future payment for health care to the individual. For example, if a patient was hospitalized in a mental institution in his teens, but he is now 65, that information is still protected under HIPAA.

HIPAA Exclusions

HIPAA excludes educational records held by schools, which are covered by a different federal privacy law: The Family Educational Right and Privacy Act (FERPA). Also, employment records that contain identifiable health information that are held by a covered entity acting as an employer are not considered PHI.

Marcia Brauchler

Marcia Brauchler

President and Found at Physicians' Ally, Inc.
Marcia L. Brauchler, MPH, CMPE, CPC, COC, CPC-I, CPHQ, is the president and founder of Physicians’ Ally, Inc., a full service healthcare company, where her and diverse staff provide advice and counsel to physicians and practice administrators, and education and assistance on how best to negotiate managed care contracts, increase reimbursements to the practice, and stay in compliance with healthcare laws. Brauchler’s firm sells updated HIPAA policies and procedures at www.physicians-ally.com. She is a member of the South Denver, Colorado, local chapter.
Marcia Brauchler

Latest posts by Marcia Brauchler (see all)

Related posts:

  1. What is Protected Health Information (PHI)?
  2. HHS Proposes New HIPAA Privacy Rule Regulations
  3. Proposed Rule Gives Patients Right to Know Who Viewed Records
  4. Answer Common HIPAA Questions – PHI
Tagged :

About Has 4 Posts

how best to negotiate managed care contracts, increase reimbursements to the practice, and stay in compliance with healthcare laws. Brauchler’s firm sells updated HIPAA policies and procedures at www.physicians-ally.com. She is a member of the South Denver, Colorado, local chapter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Hot Topics

  • ads

  • code-books-shipping

  • Latest Poll

    Would it help you to have the American Dental Association’s D codes included in the HCPCS Level II code book?