1 (218) 451-4151 support@writersnests.org

Protected Health Information (PHI) Identifiers

Protected Health Information (PHI) Identifiers

A list of 18 identifiers was created in 1996 by the US Health  Insurance Portability and Accountability Act (HIPAA) to represent  protected health information (PHI). PHI is any information that can be  used to identify an individual and that was created, used, or disclosed  during a patient-physician encounter. 

In contrast, personal identifiers, such as name and  address, are not considered to be PHI unless they are associated with or  derived from a health-care service event. In addition, health  information by itself without the 18 identifiers is not considered to be  PHI. For example, a dataset that contains only patient vital signs or  blood pressure readings would not be PHI. The identifiers that HIPAA  established are:

  • Names
  • Geographic information (including city, state, and zip code)
  • Elements of dates
  • Telephone numbers
  • Fax numbers
  • E-mail address
  • Social Security numbers 
  • Medical record, prescription numbers
  • Health plan beneficiary numbers
  • Account numbers
  • Certificate/license numbers
  • VIN, serial numbers, license plate numbers
  • Device identifiers, serial numbers
  • Web URLs
  • IP addresses
  • Biometric identifiers (finger prints)
  • Full face, comparable photo images
  • Unique identifying numbers

PHI data can be “de-identified” for use within research or other related projects. 

To prepare for this Discussion, search the Internet for more information on PHI as can be found at the following Web sites:





Also search the Internet for the principles and values of medical  ethics as can be found at the Web site, American Medical Association  Principles of Medical Ethics. Research the laws and regulations that  require care providers to override patient confidentiality and privacy  rights, such as is the case in New York for communicable diseases (for  more information on this, see the New York State Department of Health  Web site).

For this Discussion:

  • Comment on the types of identifiers and consider  their stratification based upon risk to the patient as a result of  non-consensual disclosure. 
  • Discuss the ramifications concerning unauthorized disclosure of a patient’s PHI. 
  • Discuss how the principles of medical ethics apply to unauthorized disclosure.
  • Describe measures that are commonly taken to assure both privacy and security concerning a patient’s PHI, and their rationale.