Electronic protected
health information

What is ePHI?

Electronic protected health information (ePHI) is any identifiable information generated, processed, stored, or transmitted electronically by healthcare facilities, including hospitals, hospices, and health insurance agencies. Examples of ePHI include patient demographics like names, addresses, and email addresses, and healthcare data like prescriptions, blood test reports, and biometric identifiers.


In the US, the Health Insurance Portability and Accountability Act (HIPAA) mandates stringent security standards for storing, sharing, and managing protected health information. Neglecting to comply with these security standards or failure to protect patients' privacy can result in heavy financial penalties and damage to reputation. Organizations that adhere to HIPAA are required to closely monitor accesses and modifications to files that contain ePHI, and prevent its leak and theft. A HIPAA compliance tool can be used to help with maintaining stringent data security standards.

Some of the major cybersecurity requirements based on technical controls mandated by HIPAA for securing ePHI include:

  • Tracking all unauthorized file changes to ensure data integrity is preserved. (Sections 10.5.5 and 11.5)

  • Detecting crucial file and folder activity with the help of timely notifications, which is necessary to track potential data leaks or theft. (Section 164.312)

  • Analyzing security permissions for the files containing ePHI to ensure that only the right personnel have been granted access to the data. (Section 164.312)

  • Responding to mass file access events promptly to prevent malware infections or data breaches. (Section 164.312)


How to secure ePHI

ePHI, like all other sensitive information, has to be secured with the most stringent measures. Personal data stored in file servers, cloud storage, or other repositories can be discovered and located using a data discovery tool. It should then be processed by a data classification tool so the correct priorities can be applied for the right level of security control.

Once located and classified, sensitive data needs to be secured in all instances—file server, cloud storage, and endpoints—to prevent manipulation or theft. Deploy a data leak prevention solution to monitor and control endpoint activity, including copy actions on files classified as sensitive. Use cloud protection software to monitor user access to web applications and incoming traffic from the internet.

Secure ePHI with DataSecurity Plus

ManageEngine DataSecurity Plus is a unified data visibility and security platform that offers granular reporting and a swift alert-response mechanism to help detect risks to data security. With DataSecurity Plus, you can:

  • Discover ePHI stored in your file servers and SQL database servers using regular expression matching.
  • Classify business-critical information to monitor at-risk files for unauthorized activity.
  • Detect high volumes of file modifications and deletions, which could indicate potential data manipulation.
  • Execute customizable scripts to isolate infected endpoints or disable user accounts when a ransomware alert is triggered.
  • Control user access to USB devices to selectively allow read, write, or modify actions made in the devices.
  • Scan all outbound Outlook emails for files that contain sensitive data.
  • Monitor web application accesses to restrict access to risky websites and cloud applications.

Try all the above features and more in a fully functional, free, 30-day trial.

Download a free trial
Email Download Link