Chapter 3: Hipaa Course | American CPR Care Association

Hipaa Course

Take Quiz

Select Courses

Register Now

chapter 3 : What Are Covered Entities?

HHS defines a covered entity as:

  1. A health care provider
    that conducts certain transactions in electronic form.

    • Doctors
    • Clinics
    • Psychologists
    • Dentists
    • Nursing Homes
    • Pharmacies

For example: If a physician submits a prescription to a pharmacy through email or fax, he/she must comply with HIPAA regulations since he/she is conducting a transaction in an electronic form. Additionally, the pharmacy must also comply with HIPAA regulations, as they are receiving sensitive patient information in an electronic form.

  1. A health care clearinghouse.
    This includes a public or private entity which helps in the processing of health information received from other health care facilities, by converting the nonstandard information into standard information. Examples include:

    • Reprising companies
    • Billing services (i.e., if requesting for payment)
    • Community health management information system
    • “Value-added” switches and networks

 

    1.  A health plan.A covered health plan is a group or person that provides and pays for the cost of medical care. Medical care can include any diagnosis, cure, treatment or prevention of disease; transportation for the purpose of medical care; and more.
  • Government Programs: Medicare, Medicaid and military and veterans health care programs
  • Health Maintenance Organizations (HMOS)
  • Health Insurance Companies
  • Company Health Plans (i.e., plans sponsored by an employer)
  1. Any business associates who perform functions and activities on behalf of the covered entity.

If an entity is a covered entity for any purpose under HIPAA, it is covered entirely for all purposes. This means that it must comply with the privacy rule, the electronic transaction rule and the security rule. It MUST comply with all policies under HIPAA in its entirety.