Why the Dark Web Loves PHI

October 20, 2023


Private health information, better known as PHI, refers to all of that confidential patient data stored within health organizations’ physical and digital systems. Although PHI laws initially referred to verbal communication and physical documents, the onset of the digital age guaranteed swift legislation aimed at covering that digital gap—for instance, the widely recognized Health Insurance Portability and Accountability Act (HIPAA) law of 1996.

If you work for a healthcare organization, or even occasionally contract with one (as a lawyer or tech support might), then you know just how important and confidential the data on your systems really is!

PHI on the Dark Web

PHI is one of the most valuable types of data on the dark web. It can be used for a variety of illegal purposes, such as identity theft, medical fraud and insurance fraud — which makes it incredibly lucrative data to have.

These dark marketplaces often sell this data in bulk, too, which serves the dual purpose of netting the seller a larger sale and simultaneously making it difficult for individuals to track down and remove their own PHI from the dark web.

Meanwhile, the consequences of having yours available on the dark marketplace can be serious:

  • Identity theft can be used to commit fraud, open bank accounts and even obtain credit cards.
  • Cybercriminals can use PHI to target individuals with phishing emails or malware that is designed to steal their personal information; the more they know about you, the more convincing the spear-phishing becomes.
  • PHI is often used in conjunction with other types of data, such as financial data and social media data, to create a more complete picture of an individual. This information can then be used to target individuals with more sophisticated attacks.

Yes, theft of PHI really is that dangerous! It can be sold for as little as $1 or as much as $1000 for each PHI record, so you need to take care to protect it to the very best of your abilities.


If you believe that your PHI may have been compromised, you should contact your healthcare provider and the appropriate law enforcement agencies immediately! When you’re taking care of other people’s private health information, you need to be vigilant about potential threats to your particular industry and role within the organization.

Ransomware, phishing scams, denial-of-service attacks and even insider threats are just as likely and dangerous to your private data as in any other industry.

There are also many geo-specific laws that mamy pertain to you depending on where you operate. For example, Canada has a nation-wide Personal Health Information Protection Act just like the U.S. has HIPAA. There may also be local privacy laws regarding PHI management, for example the California Confidentiality of Medical Information Act (CMIA) or Ontario’s Personal Health Information Protection Act of 2004.

Clearly, humans all over the world care about protecting their private health information. That’s not the only kind of confidential data that needs to be carefully safeguarded, though. Anyone who handles personally identifiable information (PII) needs to know the industry- and location-specific laws that apply to them in terms of data protection.

Together, we can make the Internet a safer place and keep all of our private data, protected!

Most Recent Post


Our Exclusive FREE Cybersecurity Toolkit

Stay Secure with Top Free Cybersecurity Apps and Tools Recommended by PlanIT

In today’s digital age, protecting your online presence is more critical than ever. That’s why we’re excited to offer you our exclusive Cybersecurity Toolkit for FREE – to arm you with the essential tools and knowledge to safeguard your data and privacy.

Why You Need This Toolkit?

Protect Sensitive Information: Keep your personal and financial data safe from hackers and cybercriminals.

Enhance Digital Privacy: Shield your online activities from prying eyes and maintain your privacy.

Prevent Cyber Attacks: Equip yourself with the knowledge and tools to prevent and respond to cyber threats.

Peace of Mind: Enjoy the confidence that comes with knowing your digital life is secure.

Related Articles

iPhone Running Slow? Speed It up with One of These Tips

iPhone Running Slow? Speed It up with One of These Tips

Let's face it, iPhones are amazing devices. But even the sleekest, most powerful iPhone can succumb to the dreaded slowdown. Apps take forever to load and scrolling feels sluggish. Pretty soon, simple tasks become frustrating ordeals.If your iPhone has gone from...

Is Your Business Losing Money Because Employees Can’t Use Tech?

Is Your Business Losing Money Because Employees Can’t Use Tech?

Shiny new tech can be exciting! It promises increased efficiency, happier employees, and a competitive edge. It’s also necessary to stay competitive in today’s technology-driven business world.But that promise can turn into a financial nightmare if you neglect two...

10 Easy Steps to Building a Culture of Cyber Awareness

10 Easy Steps to Building a Culture of Cyber Awareness

Cyberattacks are a constant threat in today's digital world. Phishing emails, malware downloads, and data breaches. They can cripple businesses and devastate personal lives.Employee error is the reason many threats get introduced to a business network. A lack of...