{"id":2834,"date":"2024-05-09T12:43:35","date_gmt":"2024-05-09T12:43:35","guid":{"rendered":"https:\/\/cprcare.com\/course\/responsabilidades-de-la-entidad-cubierta\/"},"modified":"2025-05-20T12:48:33","modified_gmt":"2025-05-20T12:48:33","slug":"hipaa-4","status":"publish","type":"course","link":"https:\/\/cprcare.com\/es\/course\/hipaa\/4\/","title":{"rendered":"Covered Entity Responsibilities"},"content":{"rendered":"<div class=\"course_wrapper\">\n<span style=\"font-weight: 400;\">Covered entities \u2014 such as healthcare providers, health plans, and clearinghouses \u2014 play a critical role in safeguarding <\/span><b>Protected Health Information (PHI)<\/b><span style=\"font-weight: 400;\"> under the <\/span><b>Health Insurance Portability and Accountability Act (HIPAA)<\/b><span style=\"font-weight: 400;\">.<\/span><span style=\"font-weight: 400;\">This chapter of your <\/span><b>HIPAA Training Course<\/b><span style=\"font-weight: 400;\"> outlines the key responsibilities covered entities must follow to remain compliant and protect patient privacy.<\/span><\/p>\n<h2><b>What Must Covered Entities Do?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">To stay compliant with HIPAA and ensure sensitive health data is protected, covered entities must take the following actions:<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><b>Implement Safeguards<br \/>\n<\/b>Covered entities must have appropriate safeguards in place to protect patient information.<br \/>\nFor example: password-protecting electronic health records (EHRs) in clinics helps prevent unauthorized access to private health or financial details.<\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><b>Limit Use and Disclosure of Information<br \/>\n<\/b>Only the <b>minimum necessary<\/b> information should be shared or accessed \u2014 even when requests come from authorized individuals.<br \/>\nExample: If a family member asks about a specific medication, there\u2019s no need to share the patient\u2019s full medical history.<\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><b>Train Employees<br \/>\n<\/b>All employees should receive training on HIPAA rules and protocols to ensure they understand how to handle sensitive information properly and lawfully.<\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><b>Control Access to Information<br \/>\n<\/b>Access to PHI should be restricted to those who need it to do their jobs.<br \/>\nStaff who don\u2019t interact directly with patients, for example, generally shouldn\u2019t have access to full medical or financial records.<\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><b>Get Written Permission Before Sharing Information<br \/>\n<\/b>Covered entities must obtain written consent from the patient (or their legal representative) before disclosing their information to third parties.<\/li>\n<\/ul>\n<\/div>\n","protected":false},"featured_media":0,"parent":0,"menu_order":208,"template":"","course_category":[131],"class_list":["post-2834","course","type-course","status-publish","hentry","course_category-hipaa-es"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cprcare.com\/es\/wp-json\/wp\/v2\/course\/2834","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cprcare.com\/es\/wp-json\/wp\/v2\/course"}],"about":[{"href":"https:\/\/cprcare.com\/es\/wp-json\/wp\/v2\/types\/course"}],"wp:attachment":[{"href":"https:\/\/cprcare.com\/es\/wp-json\/wp\/v2\/media?parent=2834"}],"wp:term":[{"taxonomy":"course_category","embeddable":true,"href":"https:\/\/cprcare.com\/es\/wp-json\/wp\/v2\/course_category?post=2834"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}