PHI vs. PII Examples
According to the National Institute of Standards and Technology (NIST), PII (Personally Identifiable Information) is defined as “any information about an individual maintained by an agency, including:
(1) any information that can be used to distinguish or trace an individual’s identity, such as name, Social Security number, date and place of birth, mother’s maiden name, or biometric records; and
(2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.”
PHI (Protected Health Information) is a subset of PII. When PII is generated as part of a healthcare-related operation (treatment, testing, payment, insurance filing, etc.) covered by the rules and regulations of the Health Insurance Portability and Accountability Act (HIPAA), it is considered to be PHI.