Webinar: Join us, Tues 5/24. Nightfall & Hanzo experts will discuss how machine learning can enhance data governance, data security, and the efficiency of legal investigations. Register now ⟶

Blog 2 min read

What is PHI?

by Michael Osakwe Published Mar 30, 2019

PHI is protected health information and ePHI is electronic protected health information. Under HIPAA, PHI refers to individually identifiable health information. Individually identifiable health information is that which can be linked to a particular person. Specifically, this information can relate to:

  • The individual’s past, present or future physical or mental health or condition,
  • The provision of health care to the individual, or,
  • The past, present, or future payment for the provision of health care to the individual.


Common identifiers of health information include names, social security numbers, addresses, and birth dates.

Here’s the broader set of 18 identifiers of PHI:

  • Names (of patients, relatives, or employers) 
  • Social security numbers 
  • Device identifiers and serial numbers 
  • All geographic subdivisions smaller than a State 
  • Medical record numbers 
  • Web Universal Resource Locators (URLs) 
  • All elements of dates (except year) including birth date, admission date, discharge date, date of death; and all ages over 89 
  • Health plan beneficiary numbers 
  • Internet Protocol (IP) address numbers 
  • Telephone numbers 
  • Account numbers 
  • Biometric identifiers, including finger and voice prints 
  • Fax numbers 
  • Certificate/license numbers 
  • Full face photographic images and any comparable images 
  • Electronic mail addresses 
  • Vehicle identifiers and serial numbers, including license plate numbers 
  • Any other unique identifying number, characteristic, or code 

Learn more about HIPAA in our article What is HIPAA? or learn more about finding PHI in Slack in our article Is Slack HIPAA compliant?

Nightfall enables you to discover, classify, and protect forms of PHI across your cloud applications, like Slack, so you can prevent PHI from entering these systems. This will help you keep sensitive customer data safe, and avoid bringing these systems in scope for compliance. Learn more about Nightfall, watch a demo, or start a free trial here.

Subscribe to our newsletter

Receive our latest content and updates

Nightfall logo icon

About Nightfall

Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.


Schedule a Demo

Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at sales@nightfall.ai.

call to action

See Nightfall in action.

Schedule a demo