This entry is part 4 of 26 in the series HIPAA Privacy-Security Reminders

The Health Insurance Portability and Accountability Act (HIPAA) mandated the adoption of Federal privacy and security regulations for protected health information (PHI). PHI is individually identifiable health information which is created or received by a health care provider, health plan, or health care clearinghouse. Such information relates to the past, present or future physical health, mental health or condition of an individual AND can be directly tied to an individual.

What is PHI?

PHI either identifies or could be used to identify the individual and has been transmitted or maintained in any form or medium (electronic, paper or oral).

The regulations define eighteen fields as listed below which can be used to identify individuals:

  1. Names
  2. Geographic subdivisions smaller than a state, including street address, city, county, precinct, zip code and equivalent geocodes
  3. All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death, and all ages over 89.
  4. Telephone numbers
  5. Fax numbers
  6. Email addresses
  7. Social security numbers
  8. Medical record numbers
  9. Health plan beneficiary numbers
  10. Account numbers
  11. Certificate/license numbers
  12. Vehicle identifiers and serial numbers including license plate numbers
  13. Device identifiers and serial numbers
  14. Web Universal Resource Locator (URL)
  15. Biometric identifiers, including finger or voice prints
  16. Full face photographic images and any comparable images
  17. IP address
  18. Any other unique identifying number characteristic or code

The complete HIPAA Privacy and Security regulations are here.

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Series Navigation<< HIPAA Privacy and Security Reminder – Understanding Medical Identity TheftHIPAA Privacy and Security Reminders – Protecting Sensitive Data is Everyone’s Responsibility >>

Bob Chaput

CEO at Clearwater Compliance
Bob is the CEO and Founder of Clearwater Compliance. He has 25 years of experience in the Healthcare industry, and his experience includes managing some of the world’s largest HR, benefits and healthcare databases, requiring the highest levels of security and privacy. Mr. Chaput continues to expand and update his knowledge base on HIPAA-HITECH compliance through postgraduate study, earning professional certifications and participating in professional healthcare and other organizations.