Learning About the HIPAA Privacy Rule

In this chapter, we will learn about one of HIPAA's most important regulations, the Privacy Rule. In 2003, there were some important amendments to the HIPAA law. The Privacy Rule and Security Rule were put in place to provide a guideline for protecting PHI. 

What does the Privacy Rule do?

The Privacy Rule protects all individually identifiable health information held or transmitted by a covered entity or its business associate. Regardless of which form the PHI comes in, whether it be electronic, paper, or oral, it is protected under the HIPAA Privacy Rule.

What Info is Protected by the HIPAA Privacy Rule?

The HIPAA Privacy Rule protects all personal health information, also known as PHI. This includes demographic information, such as age, race, and gender; information that relates to the past, present, or future physical or mental condition of an individual; and the payment for or provision of healthcare.

How to De-Identify Data

Sometimes healthcare organizations or their business associates may want to share information with each other for business purposes. In order to do so, they must de-identify their PHI. It is also important to note that certain health information maintained by a covered entity is not protected by the Privacy Rule.

Using De-Identified Health Information

Health information that is de-identified can be used and disclosed by a covered entity without the patient's authorization. Additionally, data from wearable devices that track patient information is considered PHI according to HIPAA law, but only if the devices are sponsored by a covered entity or business associate. If the third-party device or app developer was not contracted by a HIPAA covered organization, then the data they collect is not considered PHI.

Removing Identifiers

To de-identify data, a covered entity must remove all 18 identifiers, except for vague identifiers such as "age under 90" and "state of residence." In addition, identifiable information alone is not PHI. For example, a diagnostic code by itself is not PHI, but a healthcare payment receipt with the patient’s email address is PHI.

What exactly is PHI?

PHI excludes health information that is de-identified according to specific standards. PHI is considered to be de-identified when information does not identify an individual or when there is “no reasonable basis to believe that the information can be used to identify an individual.”

What is The Privacy Rule?

PHI

PHI stands for Protected Health Information and is defined as any individually identifiable health information that is collected, transmitted, and maintained in any form or medium. It includes information regarding a person's past, present, or future physical or mental health conditions, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.

What Information is Considered PHI

It is important that you clearly understand what information is considered PHI. Learn about the 18 identifiers that are protected under HIPAA law.

  • Online Data
  • Dates
  • Identification Proof Data
  • Addresses
  • Names
  • Physical Data
  • Contact Info
  • Unique Data

Protect Patient Information with HIPAA Privacy Rule Training

HIPAA Privacy Rule Training is a crucial step in ensuring patient information is properly protected. EasyLlama’s training helps healthcare providers, staff and other personnel working with patient information to understand their responsibilities in protecting the information. Our HIPAA course covers topics such as the use and disclosure of protected health information, individual rights, policies and procedures, and the use of appropriate safeguards. It is important for everyone to be aware of their responsibilities under the HIPAA Privacy Rule so that all patient information is kept safe and secure.

The Most Comprehensive HIPAA Training Solution

EasyLlama’s online training course helps prepare employees to navigate HIPAA. This course provides an in-depth examination of how to respond to a breach of confidential data and the best way to protect your patients. The course covers:

Chapter 1: Introduction and Overview of HIPAA

Chapter 2: The Privacy Rule

Chapter 3: Minimum Necessary Requirements

Chapter 4: How and When to Use PHI

Chapter 5: Individual Rights

Chapter 6: Business Associate Agreement

Chapter 7: The Security Rule

Chapter 8: The Enforcement Rule

Chapter 9: The Breach Notification Rule

Chapter 10: HIPAA Timeline and Updates

Chapter 11: What Have We Learned?

Chapter 12: Conclusion
