Personal Identifiable Information (PII) vs. Protected Health Information (PHI)
What’s the Difference?

NOTE: Many pieces of information are BOTH PII and PHI, but what makes the difference from a regulatory standpoint is where the information is obtained.

Personal Identifiable Information (PII)

This is any data or content that can be used to identify, contact, or locate an individual. Your PII can be used to single you out among millions of other people. Your unique information is linked to every aspect of your life. Things such as your credit scores, ability to drive, or your healthcare can be connected to you by PII. Unlike Protected Health Information (PHI), this term is not related to HIPAA and is not regulated by any one entity or in any one industry.

PII Identifiers:

Name - this includes a person’s full name, maiden name, or any alias they may be using

Birthdate

Driver’s license, state identification card number, or passport number

Social security number or tax ID number

Address and phone number information - this includes email or physical address

Medical information or patient identification number

Login credentials

Financial login information or PINs

Biometric data - such as retina scan, x-rays, voice signature, fingerprints, or face geometry

Personal property records

Employment records

It is important to safeguard this information. A few examples of what criminals can do once they have it:
  • Use your debit card number to steal funds
  • Open a new credit card or loan
  • Open a bank account to write bad checks
  • Acquire a new driver’s license or ID
  • Give your personal information in the event of an arrest

Protected Health Information (PHI)

This is any medical information that can identify an individual and that was created, used, or disclosed while providing healthcare services, whether for a diagnosis or a treatment. PHI is any past, present, or future physical health condition or information that doctors use and/or disclose during care and that can identify a patient. Even if that information doesn’t reveal a patient’s medical history, it is still considered PHI when linked to someone’s health condition.

The HIPAA Privacy Rule provides federal protections for protected health information held by covered entities and gives patients an array of rights with respect to this information.

18 PHI Identifiers:

Full Names or last name and initial

All Geographical Identifiers (smaller than a state) 

Dates (other than year) directly related to an individual such as birthday or treatment dates

Phone Numbers including area code 

Fax Numbers 

Social Security Numbers

Email Addresses 

Medical Record Numbers

Bank Account Numbers

Certificates / Driver’s License Numbers

Vehicle Identifiers (including VIN and license plate information)

Device Identifiers and Serial Numbers

Web Uniform Resource Locators (URLs) 

Internet Protocol (IP) Address Number

Biometric Identifiers (e.g., retinal scan, fingerprints)

Full Face Photos and comparable images

Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data 

Health Insurance Beneficiary Numbers

If you would like general information about HIPAA, click to view the HIPAA page. Or, if you would like information regarding Travis County’s HIPAA Policies, or to report a suspected privacy concern, contact the HIPAA Compliance and Privacy Officer.