Protected Health Information (PHI)
What is protected health information (PHI)?
PHI stands for protected health information. The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients various rights concerning that information.
PHI and electronically protected health information (ePHI) mean any identifiable data about the patient, including:
- Name
- Address
- Date of birth
- Social security number
- Device identifiers
- Email addresses
- Biometrics
- Lab or imaging results
- Medical history
- Payment information
PHI is a subset of personally identifiable information (PII) that refers explicitly to information processed by HIPAA-covered entities. When health information is combined with a personal identifier, the data becomes PHI.
The requirements for processing PHI help protect patient privacy and allow making care coordination easier. The HIPAA Privacy Rule ensures that PHI is shared and used only with patient permission or for care coordination between covered entities. Identifiable health information is not considered PHI unless that organization is a HIPAA-covered entity.
There are many different demands for compliant marketing and analytics under HIPAA; read more:
- Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates
- HIPPA privacy guidance on marketing
You may also like:
March 29, 2023
GA4 migration problems: What are the alternatives
Starting July 1, 2023, standard Universal Analytics (UA) properties will stop processing new hits. This will align with Google’s plan to sunset UA and replace it with its next-generation measurement solution known as Google Analytics 4 (GA4). In preparation for this, Google is providing all UA users a means to migrate their standard UA properties […]
Read more
March 9, 2023
PHI and PII: How they impact HIPAA compliance and your marketing strategy
Disclaimer: This blog post is not legal advice. Piwik PRO provides privacy-friendly analytics software, but doesn’t provide legal consultancy. If you’d like to make sure that you comply with HIPAA guidelines, we encourage you to consult an attorney. Personally identifiable information (PII) and protected health information (PHI) may seem similar. However, there are critical distinctions […]
Read moreOther definitions
Recent posts from Piwik PRO blog
- GA4 migration problems: What are the alternatives
- PHI and PII: How they impact HIPAA compliance and your marketing strategy
- Data flow in an analytics platform: How to set up your data collection and analysis process
- Google Analytics might soon be banned in Norway
- Is Google Analytics HIPAA-compliant?