Below is a quick summary of what PHI and PII records are and under what circumstances they are considered sensitive information.
Note: Take care of your personal records at all time, do not provide these information to anyone unless they are absolutely trusted....
Protected Health Information (PHI)Protected Health Information (PHI) is an individual’s health information that is created or received by a health care provider related to the provision of health care by a covered entity that identifies or could reasonably identify the individual. The 18 identifiers that are considered PHI are included in OHRPP Guidance & Procedures: Health Insurance Portability and Accountability Act (HIPAA)
An individual’s personal and health information that is created, received, or maintained by a health care provider or health plan and includes at least one of the 18 personal identifiers listed below in association with the health information:
- Name
- Street address
- All elements of dates except year
- Telephone number
- Fax number
- Email address
- URL address
- IP address
- Social Security number
- Account numbers
- License numbers
- Medical Record number
- Health plan beneficiary #
- Device identifiers and their serial numbers
- Vehicle identifiers and serial number
- Biometric identifiers (finger and voice prints)
- Full face photos and other comparable images
- Any other unique identifying number, code, or characteristic
Limited Data Set - a limited data set can include the following identifiers: a unique number code, or characteristic that does not include any of the above listed identifiers, geographic data (without street address), and/or dates
Personal Identifiable Information (PII)Personal Identifiable Information (PII) is defined as data or other information which otherwise identifies, an individual or provides information about an individual in a way that is reasonably likely to enable identification of a specific person and make personal information about them known. Personal information includes, but is not limited to, information regarding a person's home or other personal address, social security number, driver's license, marital status, financial information, credit card numbers, bank accounts, parental status, sex, race, religion, political affiliation, personal assets, medical conditions, medical records or test results, home or other personal phone numbers, non-university address, employee number, personnel or student records and so on.
Information about an individual which includes any of the identifiers below:
- Name
- Street address
- All elements of dates except year
- Telephone number
- Fax number
- Email address
- URL address
- IP address
- Social Security number
- Account number, credit or debit card number, in combination with any required security code, access code or password that would permit access to an individual’s financial account
- Driver’s License numbers or California or other identification card number
- Device identifiers and their serial numbers
- Vehicle identifiers and serial number
- Biometric identifiers (finger and voice prints)
- Full face photos and other comparable images
- Any other unique identifying number, code, or characteristic (e.g., student identification number).
Sensitive Data or InformationAn individual’s first name (or first initial) and last name in combination with any of the following:
Social Security Number
Driver’s License Number or California ID card number
Financial account information such as a credit card number
Medical Information
