Protected Health Information (PHI) is the personally identifiable health information that is protected and regulated by the Health Insurance Portability and Accountability Act, better known as HIPAA. HIPAA was written 20 years ago, when smartphones were a distant reality.
As a result, the act was written mostly for an analog world of physical X-rays and paper files. In today’s era of wearables, genetic sequencing, health apps, and much more, a precise definition of PHI can be hard to pin down, especially for developers who are trying to figure out whether they need to be HIPAA compliant.
Through this post, we hope to provide a clearer picture of what PHI is and what is not considered PHI. As a healthcare software developer, you should be able to use the information below as a reference when determining whether the information you are collecting for your digital health solution falls under PHI.
Before we get to the definition of PHI and what information does and does not constitute it, let’s first understand two major definitions under HIPAA: Business Associates and Covered Entities.