Question

Covered Entities must use PHI with the minimum necessary information to achieve the stated purpose. While non-medical personnel may have technical access, they have no authority to create, read, or update PHI unless it is necessary to achieve the stated purpose. Research various non-medical roles and outline how they may come in contact with PHI or ePHI. Write 2 paragraphs explaining your research

Answer 1

PHI :

under the U.S law is any information about health status ,provision of health care or payment for health care that is created or collected by a covered entity and care be linkef to a specific individual .

this os interpreted rather broadly and includes any part of the patient medical record or payment history.

In general U.S Governing PHI applies to data collected in the course of providing and paying for health care. Privacy and security regulations governl Low health care professionals ,hospitals ,health insurers and other covered entities use and protect the data they collect.

It is important to understand that the source of the data is as relevant as the data itself when determining if information is DHI under U.S law.

For example: sharing information about some one the street with obvious medical condition is not restricted by U.S law. How ever obtaining information about the amputation exclusively from a protected source ,such as from an electronic medical record.

In general rule ,the PHI can be provided to the individuals on request basis ,but there is some confidenciality should be maintained for some medical information ( such as medico legal cases) .