Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is protected health information?

Protected health information (PHI) describes health data that is created, received, stored, or transmitted — by electronic media or in any other form or medium — by HIPAA-covered entities and their business associates in relation to the provision of healthcare, healthcare operations, and payment for healthcare services. Protected health information includes individually identifiable health information — i.e. health information that can be connected to a specific person, or information by which an individual could be identified. This could include medical histories, test results, insurance information, demographic data, and other information used to identify or provide healthcare or coverage for a patient.


Protected health information is protected under the HIPAA Privacy Rule, which sets standards to safeguard individuals’ PHI and establishes when PHI may be used and disclosed. The HIPAA Security Rule specifies technical, administrative, and physical safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI).


Compliance with HIPAA is required of those organizations and employees who work in or with the healthcare industry, or who have access to protected health information. Organizations working in healthcare or with related clients and prospects should have an understanding of what is considered protected health information under HIPAA law. Organizations that violate the provisions of the HIPAA Rules may be penalized.

Additional resources you might like:

Compliance
Event
Automating SOC 2 compliance & more

Join Vanta’s 45-minute live product demo on March 12 at 11 am PST where Devin and Natalie will walk you through the Vanta platform and show you how we automate 90% of the work for security and privacy frameworks, and help you move towards a state of continuous compliance.

Compliance
Event
ISO 27001 & SOC 2 Compliance Automation

Join Vanta’s 45-minute live product demo on 13 March at 11 am GMT. Two of our team members will walk you through the platform and answer questions throughout the session.

GDPR
Event
AMAA: Demystifying GDPR to make progress and fuel EU Growth

Want to quickly get up to speed with GDPR so you can supercharge your growth in the European market? Join our next Ask Me (Almost) Anything webinar on February 28th at 8:30am PST / 4:30pm GMT to find out how.

Get compliant and
build trust, fast.

Two wind turbines on a white background.