Protected Health Information (PHI) is mandated by the Health Insurance Portability and Accountability Act (HIPAA) to be protected at all costs. That said, healthcare organizations are obligated to know what is covered by PHI, which is any piece of information on a patient’s medical record that was made, disclosed, or used during the course of their treatment or diagnosis that can personally identify them. It can pertain to many different identifiers and information that can be recorded throughout billing and treatment.
Collecting protected health information is mandatory in the healthcare industry. Because of its importance, it needs to be protected at all times. There are at least 18 types of information that are classified under HIPAA, according to the Office for Civil Rights and the Department of Health and Human Services. These include the basics (i.e. name, address, contact details, and any dates directly related to a person), social security number, health plan beneficiary and medical record numbers, address, and vehicle identifiers. Biometric identifiers, license or certificate numbers, and full-face photos are also included.
HIPAA data protection also covers ePHI (electronic protected health information), which is any PHI created, transmitted, received, or stored electronically. There are specific guidelines by the HIPAA Security Rule, and they dictate how ePHI must be assessed. For instance, the media for storing data include personal computers, magnetic tape, external portable hard drives, PDAs and smartphones, and removable storage devices. The means for transmitting data through cable network, DSL, modem, ethernet, or Wi-Fi connections include file transfers and email.
No matter where you store or how you handle PHI, you need to make sure that your methods are compliant with HIPAA data protection standards. DBHawk is an enterprise security solution that you can consider for a more robust and secure way to access and manage data in your healthcare organization or medical facility. It is a web-based database management and data security platform that enables access to data on databases hosted on-premise or in the cloud, with central security. By using DBHawk instead of client-server tools, you get a solution that can support many different users while ensuring secure access to your entire database.