Table of Contents
- 1 Introduction
Protected Health Information (PHI) refers to any individually identifiable health-related information that is created, received, or maintained by a covered entity. However, there are certain types of information that are not considered PHI and do not fall under the protection of the Health Insurance Portability and Accountability Act (HIPAA). In this article, we will explore what is not considered protected health information.
1. De-Identified Information
De-identified information is one type of data that is not considered PHI. This refers to health information that has been stripped of any identifying details such as names, addresses, social security numbers, etc. Once the information is de-identified, it no longer falls under the protection of HIPAA.
2. Employment Records
Health information that is part of an individual’s employment records is not considered protected health information. This includes records related to occupational health, employee wellness programs, and medical information collected for employment purposes.
3. Educational Records
Information that is part of an individual’s educational records, such as health records maintained by educational institutions, is not considered protected health information. This includes records related to school physicals, immunizations, and medical treatment provided within an educational setting.
4. Personal Notes
Personal notes created by healthcare providers for their own use are not considered protected health information. These notes are often used for personal reminders, observations, or thoughts and are not intended to be shared with other healthcare providers or entities.
5. Publicly Available Information
Information that is publicly available, such as information found in public directories or websites, is not considered protected health information. This includes contact information, general health-related information, and news articles related to health conditions.
6. Research Data
Data collected for research purposes, as long as it is properly de-identified, is not considered protected health information. This includes data used for clinical trials, epidemiological studies, and other research projects.
7. Law Enforcement Records
Health information that is part of law enforcement records, such as information obtained during an investigation or arrest, is not considered protected health information. This information is subject to other legal protections and may be accessed by law enforcement agencies under specific circumstances.
Results of drug tests conducted for employment purposes are not considered protected health information. These results are typically used by employers to assess an individual’s fitness for a particular job and are not subject to the same privacy protections as PHI.
Health information that an individual explicitly consents to share with others is not considered protected health information. Once an individual provides consent for their health information to be shared, it is no longer subject to HIPAA regulations.
10. Anonymized Data
Anonymized data, which refers to health information that has been stripped of all identifying details and cannot be linked back to an individual, is not considered protected health information. This type of data is often used for statistical analysis and research purposes.
In conclusion, there are several types of information that are not considered protected health information under HIPAA regulations. These include de-identified information, employment records, educational records, personal notes, publicly available information, research data, law enforcement records, employment-related drug testing results, health data shared with consent, and anonymized data. It is important to understand what falls under the protection of HIPAA to ensure compliance and safeguard the privacy of individuals’ health information.