Protecting your personal health information is of utmost importance, as cyber criminals are constantly developing ways to steal this information from unsuspecting users. The portability of mobile devices adds another layer of concern when assessing these security threats and protecting yourself from data theft.
What is PHI?
Protected health information (PHI), also referred to as personal health information, is the demographic information, medical histories, test and laboratory results, mental health conditions, insurance information and other data that a healthcare professional collects to identify an individual and determine appropriate care. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is the primary law that oversees the use of, access to and disclosure of PHI in the United States. HIPAA defines PHI as “data that relates to the past, present or future health of an individual; the provision of healthcare to an individual; or the payment for the provision of healthcare to an individual. HIPAA regulates how this data is created, collected, transmitted, maintained and stored by any HIPAA-covered organization.”
What identifies personal health information?
HIPAA lists 18 different information identifiers that, when paired with health information, become PHI. Some of these identifiers on their own can allow an individual to be identified, contacted or located. Others must be combined with other information to identify a person. The list includes, among others:
- Name
- Address
- Phone number
- Email address
- Fax number
- Social Security number
- Medical record number
- Account number
- Dates related to an individual, such as birthdate, admission date, etc.
- Biometric IDs, such as a fingerprint or voice print
- Full-face photographs and other photos of identifying characteristics
- Health plan beneficiary number