Electronic Protected Health Information (ePHI) refers to Protected Health Information (PHI) that is produced, saved, sent or received electronically.
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule establishes compliance guidelines for any organization or corporation (referred to as “covered entities”) that directly handles ePHI data, whether at rest or in transit.
The Security Rule mandates covered entities — including hospitals, doctor’s offices and health insurance providers — to ensure the confidentiality, integrity and availability of all ePHI they create, receive, maintain or transmit.