Here is a list of patient identifying information you need to secure in your healthcare application, as summarized from HIPAA.com. Protected HIPAA Health Information should be:
- Names, Geographic subdivisions smaller than a state, including address, city, county, precinct, zip code
- All elements of the dates related to an individual, except for year. For example, you can list the year a patient was born, but not the month and day since that is identifying.
- Telephone numbers
- Fax Numbers
- Email Adresses
- Social Security numbers
- Medical Record numbers
- Health plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers, serial numbers, or license plates
- Device identifiers, and serial numbers
- Web URL’s IP adresses
- Biometric identifiers, including finger and voice prints
- Full face photographic images or comparable images
- Any other uniquely identifying codes or characteristics
In short, if the data can be used to identify an individual patients, then it should be protected. Some data, like zip codes, are not obvious ways to identify an individual. But imagine a scenario where you are treating a rare disease. If only one person in a particular zip code has that disease, then you are potentially identifying that patient by listing the zip codes of patients treated for that disease.
Learn More
Think a Telehealth Solution may be right for your healthcare business?
We have a telehealth platform that is already built and can be quickly white-labeled and licensed for your use. We have decades of experience with over 200,000 hours invested in building real-time applications. You can read a client testimonial here.
Contact us today. We’ll help you get your user-friendly, HIPAA-compliant app — up and running with both the provider and patient in mind.
