HIPAA stands for Health Insurance Portability and Accountability Act of 1996. It is a set of federal rules designed in part to protect the privacy of a person's health information. Often referred to as Protected Health Information or PHI.
Protected Health Information is any information in the medical record or designated record set that can be used to identify an individual and that was created, used, or disclosed in the course of providing a health care service such as diagnosis or treatment. It applies to PHI in any form: electronic or paper records; x-rays; schedules; medical bills; dictated notes, dental casts, conversations and more. Health information + Directly Identifiable Data = PHI
Personally Identifiable Information (PII) becomes PHI when any information about a health condition, provision of health care or payment for health care is associated with it. Personally Identifiable Information + Health Information = PHI
HIPAA: Permitted Uses and Disclosures without a written authorization include:
Disclosures to Friends and Family
FAQs about the Disposal of PHI