Protected Health Information ( HIPAA )
Protected Health Information (PHI) is defined by the Health Insurance Portability and Accountability Act (HIPAA). PHI is individually identifiable health information that relates to the
- Past, present, or future physical or mental health or condition of an individual.
- Provision of health care to the individual by a covered entity (for example, hospital or doctor).
- Past, present, or future payment for the provision of health care to the individual.
The following individually identifiable data elements, when combined with health information about that person, make such information protected health information (PHI):
- Telephone numbers
- Fax numbers
- Email addresses
- Social Security Numbers
- Medical record numbers
- Health plan beneficiary numbers
- License plate numbers
- Full-face photographic images
- Any other unique identifying number, characteristic, code, or combination that allows identification of an individual
- U.S. Dept of Health HIPAA website
- Health and Human Services Information for Covered Entities
- Michigan Medicine Compliance
- U-M Compliance Resources Center - HIPAA
- Not Permitted
- Permitted with Encryption