PII is Personal Identifiable Information is the information that can be used on its own or with other information to identify, contact, or locate a single person and it is maintained by the information technology department of any organization. An example of PII is data like names, place or date of birth, email address, National ID, Passport Number, employment information finical or medical records, etc. Likewise, PHI has Protected health information according to HIPA is any health information whether oral or recorded in any form of media which is created or received by a health care provider, public health authority, employer, life insurer or hospital. PII and PHI are different from any kind of data as it should be collected, maintained and disseminated according to fair information practice which is the base of Laws and regulations. In this article, we will discuss what is needed to make your organization able to handle securely and according to privacy laws. Furthermore, it will help in understanding the basic concepts of industry standards like HIPAA Security rule. Finally, it has recommendation and guidelines to be followed when protecting information
Inhaltsverzeichnis (Table of Contents)
- PHI & PII Protection.
- How to protect (PII) and (PHI)?
- Policies, Procedures and Proper Documentation.
- Policies and Procedures.
- Other documentation required.......
- Awareness, Training, and Education
- Security Controls
- Incident Response Plan
- Audits
- Author Recommendations.
- References.
Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)
This article aims to provide a comprehensive guide on protecting personal identifiable information (PII) and protected health information (PHI) in accordance with industry standards and legal regulations. It emphasizes the importance of establishing robust policies, procedures, and security measures to ensure the confidentiality, integrity, and availability of sensitive data.
- Importance of PII and PHI protection
- Implementation of policies and procedures
- Security controls and technical safeguards
- Awareness, training, and education for employees
- Incident response planning and audits
Zusammenfassung der Kapitel (Chapter Summaries)
The article begins by defining PII and PHI and explaining their importance in relation to privacy laws and regulations. It then discusses the concept of "Fair Information Practices" as a foundation for protecting sensitive data, highlighting its role in the US and internationally.
The article then focuses on the key steps organizations should take to ensure PII and PHI protection, including the development and implementation of comprehensive policies and procedures. It provides examples of relevant policies and emphasizes the need for regular monitoring and updates.
The article also explores the importance of employee awareness, training, and education in safeguarding sensitive data. It highlights the need for security controls, incident response plans, and regular audits to maintain data integrity and prevent breaches.
Schlüsselwörter (Keywords)
The article focuses on key topics such as PII, PHI, data privacy, security, policies, procedures, awareness, training, security controls, incident response, audits, and industry standards such as HIPAA. The discussion emphasizes the importance of adhering to legal regulations and best practices to ensure the protection of sensitive data.
- Quote paper
- Haitham Ismail (Author), 2019, Protecting PII (Personal Identifiable Information) & PHI (Protected Health Information), Munich, GRIN Verlag, https://www.grin.com/document/463630
