Skip to content

Latest commit

 

History

History
39 lines (28 loc) · 2.3 KB

phi.md

File metadata and controls

39 lines (28 loc) · 2.3 KB
Raw

What Is PHI

HIPAA defines Protected Health Information (PHI), also known as Individually identifiable health information as information, including demographic data, that relates to:

  • the individual’s past, present or future physical or mental health or condition,
  • the provision of health care to the individual, or
  • the past, present, or future payment for the provision of health care to the individual,

and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.

Identifiers, according to HIPAA, include:

  1. Names

  2. All geographical subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code, if according to the current publicly available data from the Bureau of the Census:

    (1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and

    (2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.

  3. All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older.

  4. Phone and fax numbers.

  5. Electronic mail addresses, Web URLs.

  6. Internet Protocol (IP) address numbers

  7. Social Security numbers.

  8. Medical record numbers.

  9. Health plan beneficiary numbers.

  10. Account numbers.

  11. Certificate or license numbers.

  12. Vehicle identifiers and serial numbers, including license plate numbers.

  13. Device identifiers and serial numbers.

  14. Biometric identifiers, including finger and voice prints.

  15. Full face photographic images and any comparable images.

  16. Any other unique identifying number, characteristic, or code (note this does not mean the unique code assigned by the investigator to code the data).

Note that these identifiers constitute Personally Identifying Information (PII), and their processing and storage can be subject to additional privacy rules and regulations.