What is Individually Identifiable Health Information (IIHI)

Individually Identifiable Health Information (IIHI) is information that is a subset of health information, including demographic information collected from an individual, that identifies the individual or can reasonably be used to identify the individual;  and: 

1. Is created or received by a healthcare provider, health plan, employer, or healthcare clearinghouse; and
2. Relates to the past, present, or future physical or mental health or condition of an individual; the provision of healthcare to an individual; or the past, present, or future payment for the provision of healthcare to an individual; and
   • That identifies the individual; or
   • With respect to which there is a reasonable basis to believe the information can be used to identify the individual. 

IIHI only becomes PHI when a covered ‘entity creates, receives, or maintains the information.

Example of Individually Identifiable Health Information (IIHI) may include:

• The individual’s past, present, or future physical or mental health or condition. 
• The provision of health care to the individual. 
• The past, present, or future payment for the provision of health care to the individual. 
• Information related to the individual’s past, present, or future physical or mental health or condition. 
• Information related to the provision of health care to the individual. 
• Information related to the past, present, or future payment for the provision of health care to the individual. 
• Identifiers like name, address, birth date, Social Security number. 
• Other unique characteristics that can identify the individual.