PII or PHI What is the Difference?
Jume 11, 2020
“PHI” and “PII” are acronyms commonly used when referring to personal consumer information. Although both terms reference personal data, PHI and PII have quite different definitions.
PII, or “personally identifiable information”, is any data that can be used to directly locate, contact or identify an individual. Some examples include:
- Telephone number
- Birth date
- A personal identification number (passport number, license number, social security number, etc.)
- Unique bio-metric data (e.g., fingerprint, distinguishing features, retina scan, etc.)
PHI stands for “protected health information”. This information is legally protected under The Health Insurance Portability and Accountability Act, or “HIPAA”, for short. HIPAA law requires certain security protocols to be followed in order to protect the confidentiality of patient information transmitted in ANY form (verbal/written/electronic) by health plans, healthcare providers, and their business associates/subcontractors.
Insurance agents fall into the “business associates/subcontractors” category.
PHI encompass any demographic data that relates to an individual’s past, present or future physical or mental health condition, the management of health care to the individual, or the past, present or future payment for the management of health care.
The correct use of the terms “PHI” and “PII” is dependent upon the how the referenced information is stored, used or treated. If it is being referred to in the context of healthcare, it is most likely PHI.
For more information about HIPAA security protocols, please visit the following page on CMS.Gov: Privacy and Security Information
As always, we thank you for your support and cooperation. For questions or comments, please email us at Compliance@NSGACommunications.com or you may call the toll-free number listed below.
FOR AGENT USE ONLY. NOT FOR USE WITH CONSUMERS.
Compliance Updates | 2650 McCormick Drive | Clearwater, FL 33759 | 844.206.2927