The Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule uses Protected Health Information (PHI) to define the type of patient information that’s protected by law. PHI is an important factor for HIPAA compliance. But what is PHI?
PHI isn’t just confined to medical records and test results. In fact, any information distributed by a business associate that can identify a patient and is used or disclosed to a covered entity during the course of care is considered PHI. Even if that information doesn’t reveal a patient’s medical history, it is still considered PHI.