Passed in 1996, the Health Insurance Portability and Accountability Act (HIPAA) regulates how patient information is used and disclosed while remaining private and secure.
Patient information is known as protected health information (PHI). PHI refers to all physical and mental health information, payment information, and demographic information that could be used to identify a patient. Electronic protected health information (ePHI) refers to the digital forms of that information. Both PHI and ePHI have rules to regulate their use and disclosure.