Quick Answer: What Are Some Common Identifiers Of PHI?

What are the 18 patient identifiers?

18 HIPAA IdentifiersName.Address (all geographic subdivisions smaller than state, including street address, city county, and zip code)All elements (except years) of dates related to an individual (including birthdate, admission date, discharge date, date of death, and exact age if over 89)Telephone numbers.Fax number.Email address.More items….

Is age an identifier under Hipaa?

The following are considered limited identifiers under HIPAA: geographic area smaller than a state, elements of dates (date of birth, date of death, dates of clinical service), and age over age 89. The remaining identifiers in the bullet list are considered to be direct identifiers.

What are direct identifiers?

Direct identifiers include information that relates specifically to an individual such as the individual’s residence, including for example, name, address, Social Security Number or other identifying number or code, telephone number, e-mail address, or biometric record. See also Indirect Identifier.

What is PHI medical?

PHI stands for Protected Health Information and is any information in a medical record that can be used to identify an individual, and that was created, used, or disclosed in the course of providing a health care service, such as a diagnosis or treatment.

When can you use or disclose PHI?

Generally speaking, covered entities may disclose PHI to anyone a patient wants. They may also use or disclose PHI to notify a family member, personal representative, or someone responsible for the patient’s care of the patient’s location, general condition, or death.

What is considered a patient identifier?

Patient names. Geographical elements (such as a street address, city, county, or zip code) Dates related to the health or identity of individuals (including birthdates, date of admission, date of discharge, date of death, or exact age of a patient older than 89) Telephone numbers. Fax numbers.

Is IP address considered PHI?

Device identifiers and serial numbers. Internet protocol addresses. Full face photos and comparable images. Biometric identifiers (i.e. retinal scan, fingerprints)

How do you identify PHI?

As discussed below, the Privacy Rule provides two de-identification methods: 1) a formal determination by a qualified expert; or 2) the removal of specified individual identifiers as well as absence of actual knowledge by the covered entity that the remaining information could be used alone or in combination with other …

What are unique patient identifiers?

The purpose of a unique patient identifier is to allow for patients to be efficiently matched with their health codes. Under a unique patient identifier system, individuals would be assigned a unique national patient identifier code, to which their health data would be tied.

What are examples of PHI?

Examples of PHIPatient names.Addresses — In particular, anything more specific than state, including street address, city, county, precinct, and in most cases zip code, and their equivalent geocodes.Dates — Including birth, discharge, admittance, and death dates.Telephone and fax numbers.Email addresses.More items…•

Are subject initials considered PHI?

HHS Publishes Guidance on How to De-Identify Protected Health Information. … It notes that derivations of one of the 18 data elements, such as a patient’s initials or last four digits of a Social Security number, are considered PHI.

What is the best example of protected health information?

Health information such as diagnoses, treatment information, medical test results, and prescription information are considered protected health information under HIPAA, as are national identification numbers and demographic information such as birth dates, gender, ethnicity, and contact and emergency contact …

Is gender considered PHI?

According to HIPAA, protected health information PHI is any information that can personally identify an individual patient, according to a variety of identifiers. … Demographic information – Birth dates, ethnicity, gender, and contact information.

Is patient name alone considered PHI?

Pursuant to 45 CFR 160.103, PHI is considered individually identifiable health information. A strict interpretation and an “on-the-face-of-it” reading would classify the patient name alone as PHI if it is in any way associated with the hospital.

Is patient ID considered PHI?

A: A medical record number is considered PHI. The HIPAA Privacy Rule lists the medical record number as a patient identifier. … However, if other data such as diagnosis and birthdate are included with the medical record number, transmitting PHI via the Internet is not recommended unless it is encrypted.