Select Page
« Back to Glossary Index

According to U.S. law, Protected Health Information (PHI), also referred to as Patient Health Information or Personal Health Information, is any data about a person’s health status, the delivery of healthcare, or payment for healthcare that was generated or collected by a covered entity (or a business associate of a covered entity). Any information from a patient’s medical file or payment history is included in this, which is construed quite broadly.

PHI is frequently sought out in datasets for de-identification before researchers disclose the material publicly, as opposed to being anonymized. To protect research participants’ privacy, researchers delete PHI that can be used to identify a specific individual from a dataset.

PHI comes in many different formats, with paper-based personal health records being the most popular physical storage type (PHR). Electronic health records, wearable technology, and mobile applications are examples of additional PHI. Concerns about the security and privacy of PHI have been on the rise in recent years.

For information about PHI, please view guidance on this topic from the Office of the National Coordinator for Health Information Technology (ONC).

« Glossary Index