Protected Health Information (PHI) is a classification of the data specified by HIPAA. PHI is any information that identifies individuals and contains their medical information. HIPAA requires that this information be handled properly and protected from disclosure. There are many requirements laid out in HIPAA, including storage, transmission, access, and more.
PHI is sensitive data that requires protection from disclosure. The handling of this data is specified in the HIPAA regulations, and there are penalties for failing to protect the data properly. Companies are required to ensure that all their vendors, contractors, and subcontractors with access to PHI handle the information in accordance with HIPAA.
Organizations expect that each aspect of the HIPAA regulation is followed and that all business associates of the organization are bound by business associate contracts to do the same.