Asked in Law & Legal IssuesHospitalsHealth Insurance Portability and Accountability Act (HIPAA)
What is PHI and what does it have to do with HIPAA?
August 13, 2008 2:12AM
PHI or Protected Health Information is pretty much anything that pertains to the patient's medical condition and can be used by a reasonable person to identify the patient. So, if I say, "a man with a broken leg", that's Heath information but not PHI. If, however, I say, "Fred Jones checked into our hospital today", that IS PHI. Other individually identifying health information (IIHI) includes SSN, phone number, email address or website, physical description, Patient ID Number (PIN), and quite a few other data. PHI is a major factor in the Administrative Simplification section of HIPAA, where -- for the first time -- federal law protects patient privacy. Very specific conditions are set up that allow or deny the exchange of PHI, with and without the patient's permission. Also, AdminSimp allows the patient to view her own medical record and PHI (in most cases), and to ask for corrections to the medical chart (actually the Designated REcord Set in HIPAA-speak). HIPAA sets a structure for criminal offense, fines and potential imprisonment for the illegal disclosure of PHI, and requires Covered Entities (CE's) to protect PHI pretty strenuously.