What is PHI?

Protected Health Information (PHI) includes anything that links a rider to a medical service, such as:

• Their name and appointment type

• Pickup/drop-off locations tied to care

• Medicaid ID or trip authorizations

• Diagnoses or care needs discussed during transport

Why It Matters

HIPAA violations can cost you contracts, fines, and trust. Privacy isn’t just a regulation — it’s a reflection of your professionalism and integrity.

What Not to Do (HIPAA Violations in NEMT)

Avoid these common missteps that can lead to serious HIPAA violations:

• Discussing riders’ medical information in public or on social media

• Leaving trip logs, PCS forms, or other paperwork in the vehicle

• Using personal phones or unsecured apps to send trip details

• Sharing rider information with friends, family, or unauthorized staff

• Emailing or texting PHI without encryption

• Storing medical info on personal devices or in unlocked locations

Even casual conversations or minor oversights can trigger compliance issues—protecting rider privacy starts with daily habits.