This document discusses protecting personal health information (PHI) under HIPAA regulations. It defines PHI as any identifiable health or medical information about an individual. It states that PHI security standards apply to health plans, healthcare providers, and health clearinghouses. Finally, it emphasizes that while safeguards are important, individuals are responsible for 90% of PHI protection and outlines some consequences of PHI breaches for both individuals and organizations.