What is the Difference Between "Uses" of PHI and "Disclosures" of PHI?

Modified on Wed, 27 Mar at 11:57 AM


DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.


The HIPAA Privacy Rule and Security permits the use or disclosure of certain PHI, while preventing the use or disclosure of other PHI.

What is the distinction between "Use" of PHI and "Disclosure" of PHI?


"Use" means, with respect to individually identifiable health information (IIHI), the sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information. An example of "use" of PHI would be the sharing of PHI between a doctor of a practice and a nurse of the same practice.

"Disclosure of PHI" 
means the release, transfer, provision of access to, or divulging in any manner of information outside the entity holding the information. A disclosure of PHI is the divulging of PHI from one entity to another.  Note that the transfer of protected health information from a covered entity to a business associate is a disclosure for purposes of HIPAA.

Protected health information (PHI) is a subset of individually identifiable health information (IIHI) that is:

  1. Transmitted by electronic media; 

  2. Maintained in electronic media; or 

  3. Transmitted or maintained in any other form or medium.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article