Protected Health Information is any data that is contained in medical records for an individual. This data can be exploited in many ways by thieves, and represents a significant privacy risk.
Regulations
PHI was first defined by HIPAA, which maintains the responsibility of those who hold PHI in its Security Rule. The HIPAA Security Rule requires physicians to protect patients' electronically stored, protected health information (known as “ePHI”) by using appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of this information.