Member-only story
Dealing with PHI and PII data
What should be your precautions?
When dealing with PHI and PII or any other kind of protected data is really important to make your team aware of the risks and impacts of dealing with this data.
Let’s take a look at a couple of definitions:
PHI — Protected Health Information
Federal regulations define PHI as:
(1) Except as provided in paragraph (2) of this definition, that is:
(i) Transmitted by electronic media;
(ii) Maintained in electronic media; or
(iii) Transmitted or maintained in any other form or medium.
(2) Protected health information excludes individually identifiable health information:
(i) In education records covered by the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g;
(ii) In records described at 20 U.S.C. 1232g(a)(4)(B)(iv);
(iii) In employment records held by a covered entity in its role as employer; and
(iv) Regarding a person who has been deceased for more than 50 years.
For healthcare providers and insurance companies, the definition of protected health information is broad. The Department of…
