What is Protected Health Information?

Susitna Glacier & Protected Health InformationWhy Does it Matter?

Protected health information, or PHI, is any piece of data in your health record that can be individually linked to you or individually identify you. Examples of PHI data include your name, address, social security number, or birth date. In recent years, the definition of PHI has been expanded to cover electronic identifiers such as IP addresses, email addresses, biometrics, and web URLs.

Understanding Protected Health Information

Any record that exists with personally identifiable information puts you at risk. Today, individuals use credit cards to make copayments at doctor’s offices; some may use online portals to make payments with bank accounts. Your insurance ID number is on every claim providers send; your social security number is often linked to provider files or claims. This conglomeration of information in your health record makes it a prime target for hackers and cybercriminals. Everything someone needs to steal your identity is in your health record.

Providers Must Protect Patients

Because of the vulnerability that exists related to protected health information, providers are required by law to protect patients. The Federal Health Insurance Portability and Accountability Act, or HIPAA, as well as state and industry regulations, provide specific instructions regarding provider safeguards for paper and electronic health records. When you attend an appointment with a new provider, you’re asked to sign a HIPAA form, which states you were provided with a privacy policy. Read that policy and ask questions if you don’t understand how the provider uses, stores, and manages your records. You may even want to take a copy of that privacy policy for future reference.

Protecting Yourself

The provider isn’t the only entity that can safeguard your PHI. Take steps to protect yourself by securing copies of health records in your possession, limiting the amount of information you share online or with non-covered entities, and not carrying all of your account information in your purse or wallet. It’s also a good idea to sort through old files, professionally shredding those you no longer need.