DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
Introduction
The HIPAA Rules permit the use or disclosure of certain PHI, while preventing the use or disclosure of other PHI. This article discusses the difference between "uses of PHI" and "disclosures of PHI."
What is Protected Health Information?
Protected health information (PHI) is a subset of individually identifiable health information (IIHI) that is:
Transmitted by electronic media;
Maintained in electronic media; or
Transmitted or maintained in any other form or medium.
What is "Use of PHI"?
"Use" means, with respect to individually identifiable health information (IIHI), the sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information. An example of "use" of PHI would be the sharing of PHI between a doctor of a practice and a nurse of the same practice - that is, the sharing of PHI "within an entity."
What is "Disclosure of PHI"?
"Disclosure of PHI" means the release, transfer, provision of access to, or divulging in any manner of information outside the entity holding the information. A disclosure of PHI is the divulging of PHI from one entity to another. The transfer of protected health information from a covered entity to a business associate is a disclosure for purposes of HIPAA. So is the transfer of protected information from an entity that is regulated by HIPAA to one that is not regulated by HIPAA.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article