What is EPHI or Electronic Protected Health Information?

Electronic protected health information (ePHI)

Electronic protected health information (ePHI) is any protected health information (PHI) that is created, stored, transmitted, or received electronically.

Electronic protected health information includes any medium used to store, transmit, or receive PHI electronically. The following and any future technologies used for accessing, transmitting, or receiving PHI electronically are covered by the HIPAA Security Rule:

  • Media containing data at rest (storage)
    • Personal computers with internal hard drives used at work, home, or traveling
    • External portable hard drives, including iPods and similar devices
    • Magnetic tape
    • Removable storage devices, such as USB memory sticks, CDs, DVDs, and floppy disks
    • PDAs and smartphones
  • Data in transit, via wireless, Ethernet, modem, DSL, or cable network connections
    • Email
    • File transfer
Print Friendly, PDF & Email