Healthcare Category

The 18 HIPAA Identifiers: What Data's Protected Under HIPAA?

2 min read PubNub Staff on Apr 21, 2020
Try PubNub Today

Free up to 1MM monthly messages. No credit card required.

Subscribe to our newsletter

By submitting this form, you are agreeing to our Terms and Conditions and Privacy Policy.

Understanding HIPAA identifiers is a crucial part of achieving HIPAA compliance if your company stores or transmits protected health information (PHI).

HIPAA identifiers consist of 18 types of information that can be used to identify, contact, or locate an individual patient. In healthcare, patient information is often referred to as protected health information (PHI). Due to the passing of the Health Insurance Portability and Accountability Act (commonly referred to as HIPAA) in 1996, companies that manage PHI must follow strict protocols when storing and transmitting this information. The HIPAA Security Rule states that PHI must be protected using administrative, physical, and technical safeguards.

The 18 HIPAA Identifiers 

  1. Name
  2. Address
  3. Dates (of appointments, payments, etc.)
  4. Telephone number
  5. Fax number
  6. Email address
  7. Social Security number
  8. Medical record number
  9. Health plan/insurance beneficiary number
  10. Account number
  11. Certificate / license number
  12. Any vehicle identifiers (e.g. license plate number)
  13. Device identifiers and serial numbers
  14. Web URLs (Links)
  15. Internet Protocol (IP) address
  16. Biometric identifiers (finger / retinal / voice)
  17. Photographic images
  18. Any other characteristic that may be used to uniquely identify an individual

What is Considered PHI Under HIPAA?

According to the U.S. Department of Health & Human Services, protected health information includes any information involving a patient’s physical or mental health, healthcare information, and payment information. If a piece of information can be used to identify, contact, or locate an individual, it is likely considered PHI under HIPAA. To ensure HIPAA compliance, companies must securely manage PHI or risk severe fines and sanctions.

How to Stay HIPAA Compliant

HIPAA applies to HIPAA-covered entities and their business associates. If you’re building an application that stores or transfers healthcare data, you must ensure that you’re using the right safeguards to protect patient information, such as HIPAA compliant chat. When dealing with patient data, avoid collecting any unnecessary information and make sure to permanently delete PHI when it is no longer needed. If you use video conferencing to communicate with your patients or to transfer PHI, you must use HIPAA compliant video conferencing. If your business stores and transmits data, encrypt this data and use HIPAA compliant cloud storage to ensure that it can’t be tampered or altered without patient consent. PubNub has been HIPAA compliant since 2015, so you can be assured that any PHI stored or streamed on your application aligns with HIPAA’s policies. For everything you need to know about building a HIPAA-complaint app, download our ebook, So You’re Building a HIPAA-compliant App.

More from PubNub

Top Trends to Engage Your App Users
InsightsSep 27, 20224 min read

Top Trends to Engage Your App Users

Take a look at the top trends that are the most effective in attracting customers and reducing churn, and how you can incorporate...

PubNub Staff

PubNub Staff

Comparing Game Engines: Unity vs Unreal vs the Rest
Real-Time Gaming BlogSep 21, 20225 min read

Comparing Game Engines: Unity vs Unreal vs the Rest

Comparing the major game engines: Unity vs Unreal Engine vs Corona SDK vs GameMaker Studio, including the benefits and cons of...

PubNub Staff

PubNub Staff

Python Socket Programming: Client, Server and Peer Libraries
BuildSep 21, 20226 min read

Python Socket Programming: Client, Server and Peer Libraries

Sockets (aka socket programming) enable programs to send and receive data, bi-directionally, at any given moment. This tutorial...

PubNub Staff

PubNub Staff