An acronym for protected health information, which is protected by HIPAA. PHI is any information that can identify an individual and was created, used, or disclosed in the course of providing a health care service. Not all medical data is PHI. For example, an employee file that contains medical data would ordinarily not be PHI, because most employers do not provide healthcare to employees.