HIPAA Guidelines

HIPAA set National Standards for:

  • Privacy of confidential, protected health information (PHI)
  • Security of health information – physical, technical and administrative security measures
  • Electronic exchange of health information


Healthcare providers and staff are required by federal law to protect the confidentiality of PHI.

PHI includes the patient’s health condition, payment information, and any information that would identify the patient including their name, address and/or zip code, social security number and age. It may not be their name but could be any information that could lead to their identity.

PHI could be on the phone, talking outside the office, on paper or the computer. It could be verbal, hand written or electronic.