Medicare Compliance & Reimbursement
Recognize These 18 PHI Identifiers
Tip: Don’t forget a URL can be PHI, too. It’s critical that you know the HIPAA basics to sidestep a violation. More importantly, your practice must understand what constitutes protected health information (PHI) — to safeguard patients’ privacy and keep your organization secure.> Definition: PHI is best defined as “all ‘individually identifiable health information’ held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral,” reminds the HHS Office for Civil Rights (OCR) in its Privacy Rule guidance.> HIPAA Privacy Rule violations come in all shapes and sizes, from postcard snafus to missent text messages to social media mishaps. And that’s why it’s a good idea to know exactly what “individually identifiable health information” refers to.> Here are 18 things that the HIPAA Privacy Rule identifies as PHI:> 1. Name Reminder: If one of these 18 identifiers is included in a chat, an email, a social media post, a text, or any other kind of communication, you are revealing “identifiable” information. However, remember, OCR does not restrict the use and disclosure of “de-identified” health information.> Why? According to OCR guidance, “de-identified health information neither identifies nor provides a reasonable basis to identify an individual,” and it’s often passed two criteria. First, its been verified by a “qualified statistician”; and second, all “specified identifiers” have been removed, including employer and family information, and a covered entity (CE) deems the material stripped of identifiable PHI, indicates OCR.> Find the Privacy Rule summary and more in-depth details on the identifiers and de-identification at www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html.>
2. Address
3. Birthdate and other corresponding dates of admission, discharge, death, etc.
4. Landline and cellphone numbers
5. Fax numbers
6. Email addresses
7. Social Security Number
8. Medical record number
9. Health plan beneficiary number (i.e. Medicare Beneficiary Identifier)
10. Account number
11. State identification or license number
12. Vehicle identifiers and serial numbers, including license plate numbers
13. Device identifiers and serial numbers
14. URLs
15. IP addresses
16. Biometric identifiers like finger or voice prints
17. Photo or image of patient, specifically the face
18. Any other unique code, characteristic, image, or number that identifies the individual>
Medicare Compliance & Reimbursement
- Mythbusters:
MAC Expert Reveals the Truth on 8 Medicare Myths
Hint: Non-par providers can still care for Medicare beneficiaries. Quite a few people believe that [...] - Quality Payment Program:
Test Your MIPS Savvy With These 10 Quick Questions
Hint: Performance Year and Payment Year are not the same. Even though the Quality Payment [...] - E/M Coding:
Conquer Prolonged Service Woes With 3 Tactics
Tip: Document time appropriately. From time to time, providers’ E/M face-to-face visits go into overdrive. [...] - Clip And Save:
Recognize These 18 PHI Identifiers
Tip: Don’t forget a URL can be PHI, too. It’s critical that you know the [...] - Industry Note:
CMS Clamps Down on Nursing Home Fraud and Abuse
Nursing homes care for some of the most vulnerable patients in the U.S., and new [...] - Industry Note:
AHIMA Updates Its Cybersecurity Guidelines
The American Health Information Management Association (AHIMA) offers providers enhanced advice on how to combat a [...] - Industry Note:
Check Out OIG's Revamped Fraud Risk Indicator
According to the feds, Medicare fraud is measured through False Claims Act (FCA) violations and [...] - Industry Note:
Know the Details on the Discharge Planning Final Rule
Medicare released another policy that interweaves interoperability with patient-centered initiatives — and this time it [...]
