What Information Is Not Protected Under Hipaa?

Can I talk about patients without saying their name?

HIPAA violation: yes.

However, even without mentioning names one must keep in mind if a patient can identify themselves in what you write about this may be a violation of HIPAA.

HIPAA violation: potentially yes if someone can identify it is them and prove it.

So, technically yes but proving it would be difficult..

Is a telephone number PHI?

The relationship with health information is fundamental. Identifying information alone, such as personal names, residential addresses, or phone numbers, would not necessarily be designated as PHI.

How can we protect PHI?

Examples of how to keep PHI secure:If PHI is in a place where patients or others can see it, cover or move it.If you work with PHI on your desk or on a computer, make sure no one can walk up behind you without knowing it.When PHI is not in use, store it in a locking office or a locking file cabinet.More items…

What is the difference between Hipaa and Phi?

The Privacy Rule covers the physical security and confidentiality of PHI in all formats including electronic, paper and oral. The HIPAA Security Rule on the other hand only deals with the protection of ePHI or electronic PHI that is created, received, used, or maintained.

What is considered PHI information?

The Definition of PHI PHI is any information in a medical record that can be used to identify an individual, and that was created, used, or disclosed to a covered entity and/or their business associate(s) in the course of providing a health care service, such as a diagnosis or treatment.

What is the best example of protected health information PHI?

Health information such as diagnoses, treatment information, medical test results, and prescription information are considered protected health information under HIPAA, as are national identification numbers and demographic information such as birth dates, gender, ethnicity, and contact and emergency contact …

What is covered under Hipaa laws?

The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.

Is patient name alone considered PHI?

Pursuant to 45 CFR 160.103, PHI is considered individually identifiable health information. A strict interpretation and an “on-the-face-of-it” reading would classify the patient name alone as PHI if it is in any way associated with the hospital.

When can you use or disclose PHI?

Generally speaking, covered entities may disclose PHI to anyone a patient wants. They may also use or disclose PHI to notify a family member, personal representative, or someone responsible for the patient’s care of the patient’s location, general condition, or death.

What information is not considered PHI?

For example, employment records of a covered entity that are not linked to medical records. Similarly, health data that is not shared with a covered entity or is personally identifiable doesn’t count as PHI. For example, heart rate readings or blood sugar level readings without PII.

What information does Hipaa cover?

The HIPAA Privacy Rule applies to all forms of PHI, including paper records, films, and electronic health information, even spoken information. This information is classed as protected health information when it contains identifiers that would allow a patient or health plan member to be identified.