What is “protected health information,” PHI?
Under HIPAA, PHI is confidential, personal, identifiable health information about individuals that is created or received by a health plan, provider, or health care clearinghouse and is transmitted or maintained in any form. “Identifiable” means that a person reading this information could reasonably use it to identify an individual.
Under HIPAA, PHI is confidential, personal, identifiable health information about individuals that is created or received by a health plan, provider, or health care clearinghouse and is transmitted or maintained in any form. “Identifiable” means that a person reading this information could reasonably use it to identify an individual. The National Optical Astronomy Observatory Group Health Plan privacy policies spell out how PHI can be used and who is authorized to use it. These policies are also posted on the Human Resources web site, http://www.noao.edu/cas/hr/hrmain.html Following are some (but not all) of the elements that make a piece of health-related information into PHI: • name • address • e-mail address • birth date (except year) • Social Security number • employee number • claim number • health plan beneficiary number. PHI includes written documents, electronic files, and verbal information. (Even information from an informal conversation can be considered PHI.) Examples of PH
Protected health information is a type of individually identifiable information relating to the past, present, or future health condition of an individual. The protections of the HIPAA Privacy Rule apply to PHI. Not all individually identifiable information is PHI. Specifically, in a research context, a study only uses, discloses, or produces PHI if it is using medical records as a source of information, or is providing a healthcare service to the research participant. • The Privacy Rule covers information, not tissue, except to the extent any identifiable medical information is attached to the tissue samples. • Genetic information is not provided a superior standard of privacy coverage under this federal regulation.
“Protected health information” (PHI) is personally identifiable information regarding a person’s past, present or future medical condition or the payment for medical care. For example, PHI would include information about a person’s physical, mental or behavioral condition that might be found on a doctor’s report used for underwriting or claims management.
