An increasing amount of patient healthcare data regarding diagnosis and treatment is being electronically entered and recorded. For example, a healthcare provider may electronically submit healthcare data for the purpose of receiving payment for services rendered. The healthcare data may be transmitted amongst healthcare providers, clearinghouses and/or providers of electronic data interchange, and/or insurance companies. Such healthcare data may include standardized codes to describe diagnoses made, services performed, or products used.
However, regulations in various countries, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the U.S., restrict covered entities from disclosing protected health information (“PHI”). The disclosure of PHI is regulated because it is healthcare data with personally identifiable information (“PII”). Many data sources would be considered covered entities because the data sources produce information that may contain PHI, and PHI through its associated PII can be used to positively identify the patient with whom the healthcare data is related.