Texas Health and Human Services System logo
HHS Computer Usage and Information Security Training
Module 1: Introduction
Outline - opens course outline in a new window
Help - opens Help menu in a new window
Close course - closes course
2. Why Information Security? Back
4 of 8
Next

HIPAA, PHI, EPHI and PII

the Health Insurance Portability and Accountability Act logoProtected Health Information (PHI), The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI)."

"Individually identifiable health information" is information, including demographic data, that relates to:

  • the individual's past, present, or future physical or mental health or condition,
  • the provision of health care to the individual, or
  • the past, present, or future payment for the provision of health care to the individual, and that identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

The HIPAA Security Rule, effective on April 20, 2005, specifically focuses on the safeguarding of Electronic Protected Health Information (EPHI).

Personally Identifiable Information (PII), as used in information security, refers to information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.

Instructions Click or select the NEXT button above to continue.
Previous Lesson
   Next Module