In other words, PHI is personally identifiable information in medical records, including conversations between doctors and nurses about treatment. PHI also includes billing information and any patient-identifiable information in a health insurance company’s computer system.
What is PHI in health care?
PHI stands for Protected Health Information. The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information.
Who has access to protected health information?
With limited exceptions, the HIPAA Privacy Rule gives individuals the right to access, upon request, the medical and health information (protected health information or PHI) about them in one or more designated record sets maintained by or for the individuals’ health care providers and health plans (HIPAA covered …
What are examples of HIPAA violations?
What Are Some Common HIPAA Violations?
- Stolen/lost laptop.
- Stolen/lost smartphone.
- Stolen/lost USB device.
- Malware incident.
- Ransomware attack.
- Business associate breach.
- EHR breach.
When can you use or disclose protected health information?
Covered entities may disclose protected health information that they believe is necessary to prevent or lessen a serious and imminent threat to a person or the public, when such disclosure is made to someone they believe can prevent or lessen the threat (including the target of the threat).
What is included in protected health information?
Protected health information includes all individually identifiable health information, including demographic data, medical histories, test results, insurance information, and other information used to identify a patient or provide healthcare services or healthcare coverage.
What is not considered protected health information?
Examples of health data that is not considered PHI:
- Number of steps in a pedometer.
- Number of calories burned.
- Blood sugar readings without personally identifiable user information (PII), such as an account or user name.
What protected health information can patients have access to in their own records?
Thus, individuals have a right to a broad array of health information about themselves maintained by or for covered entities, including: medical records; billing and payment records; insurance information; clinical laboratory test results; medical images, such as X-rays; wellness and disease management program files; …
What are some examples of PHI?
Examples of PHI
- Patient names.
- Addresses — In particular, anything more specific than state, including street address, city, county, precinct, and in most cases zip code, and their equivalent geocodes.
- Dates — Including birth, discharge, admittance, and death dates.
- Telephone and fax numbers.
- Email addresses.
Can you talk about a patient without saying their name?
HIPAA violation: yes. However, even without mentioning names, keep in mind that if patients can identify themselves in what you write, this may be a violation of HIPAA. HIPAA violation: potentially yes, if someone can identify that it is them and prove it.