Protected Health Information (PHI) is health information that is acquired while treating patients. This can contain details such as name, social security ID, email Ids, contact details, medical record ID, health plan ID, names of close relatives, certificates, license number, fingerprint information, photos, etc.
There are stringent rules about disclosure of these details. Healthcare professionals are permitted to use PHI for purposes that may include treatment of a patient, to justify the payment for a patient’s treatment and for some financial, legal or other health-care business improvement initiatives. Also healthcare enterprises can make disclosures in case of enquiries into the patient’s location involving disaster relief or if the details are required by the patient’s relatives who have been identified and designated by the patient.
For any PHI disclosure, the healthcare professional requires either a written permission or authorization from the patient to utilize or disclose PHI for reasons that maybe separate from treatment, payment, healthcare requirements, etc. However the enterprise can disclose some general demographic information or treatment dates for fund-raising purposes, and this does not require any authorization. Healthcare enterprises can share PHI while coordinating or managing health care related services for treatment reasons or consultation between the patient and a third party.