Quick Answer: When Protected Health Information Is Transmitted Electronically?

Can PHI be sent electronically?

The Security Rule allows for e-PHI to be sent over an electronic open network as long as it is adequately protected..

Can protected health information be emailed?

Yes, organizations can send PHI via email, if it is secure and encrypted. According to the HHS, “the Security Rule does not expressly prohibit the use of email for sending ePHI. … Essentially, you can send ePHI via email, but you have to do it securely, on HHS terms.

Which of the following is an example of protected health information PHI?

Health information such as diagnoses, treatment information, medical test results, and prescription information are considered protected health information under HIPAA, as are national identification numbers and demographic information such as birth dates, gender, ethnicity, and contact and emergency contact …

When can you use or disclose protected health information?

Covered entities may disclose protected health information that they believe is necessary to prevent or lessen a serious and imminent threat to a person or the public, when such disclosure is made to someone they believe can prevent or lessen the threat (including the target of the threat).

What is the best example of PHI?

Examples of PHIPatient names.Addresses — In particular, anything more specific than state, including street address, city, county, precinct, and in most cases zip code, and their equivalent geocodes.Dates — Including birth, discharge, admittance, and death dates.Telephone and fax numbers.Email addresses.More items…•

How do you secure patient information?

How Can You Secure Patient Information?A firewall to prevent unauthorized individuals from accessing your network and data.A spam filter to block malicious emails and malware.An antivirus solution to block and detect malware on your system.A web filter to prevent employees from accessing malicious websites.More items…•

What are the 3 Hipaa rules?

Broadly speaking, the HIPAA Security Rule requires implementation of three types of safeguards: 1) administrative, 2) physical, and 3) technical. In addition, it imposes other organizational requirements and a need to document processes analogous to the HIPAA Privacy Rule.

When protected health information PHI is transmitted electronically?

Electronic protected health information (ePHI) – PHI that is transmitted by electronic media; maintained in electronic media; transmitted or maintained in any other electronic form or medium. Under the HIPAA Privacy Rule, protected health information (PHI) refers to individually identifiable health information.

What is an appropriate way of handling electronic protected health information?

By using encryption to protect all ePHI including communications with patients, business associates and other healthcare providers, organizations can greatly reduce the chance of a HIPAA breach.

What is the best example of personally identifiable information?

Examples of personally identifiable information (PII) include : Social security number (SSN), passport number, driver’s license number, taxpayer identification number, patient identification number, and financial account or credit card number. Personal address and phone number.

Which of the following is not protected health information PHI?

For example, employment records of a covered entity that are not linked to medical records. Similarly, health data that is not shared with a covered entity or is personally identifiable doesn’t count as PHI. For example, heart rate readings or blood sugar level readings without PII.

How do you protect protected health information?

10 Best Practices for Securing Protected Health InformationDevelop a culture of security. … Implement a risk management program. … Manage relationships with vendors and business associates. … Create an incident response process. … Audit and monitor the environment. … Manage the enterprise. … Encrypt data. … Monitor the database.More items…