What is PHI?

PHI includes all individually identifiable health information (including information in research databases and tissue bank samples with identifiers) relating to the:
  • Past, present, or future physical or mental condition of an individual
  • Provision of health care to an individual
  • Past, present or future payment for the provision of health care to an individual
Health information is individually identifiable if it contains any of the following:
  • Names
  • Geographic subdivisions smaller than a state
  • Dates (except year) directly related to an individual, including birth date, health care service admission or discharge dates, date of death, and all ages over 89 and all elements of dates (including year) indicative of such age, unless aggregated into a single category of ages over 89
  • Telephone numbers
  • Fax numbers
  • E-mail addresses
  • Social security numbers
  • Medical record numbers
  • Health plan beneficiary numbers
  • Account numbers
  • Certificate/Driver’s license numbers
  • Vehicle identifiers and serial numbers, including license plate numbers
  • Device identifiers and serial numbers
  • Web Universal Resource Locators (URLs)
  • Internet Protocol (IP) address numbers
  • Biometric identifiers, including finger and voice prints
  • Full face photographic images and any comparable images
  • Any other unique identifying number, characteristic or code
PHI that is either transmitted by electronic media or maintained in electronic media is referred to as electronic protected health information, or ePHI.


Please sign in to leave a comment.
Powered by Zendesk