30 Days of Compliance Q&A #4: Does My Company Have To Comply with HIPAA?

The HIPAA Rules apply to covered entities and business associates. The US Department of Health and Human Services defines covered entities as follows:

A covered entity is one of the following:

 1) Health Care Provider

• Doctors
• Clinics
• Psychologists
• Dentists
• Chiropractors
• Nursing homes
• Pharmacies

… but only if they transmit any information in an electronic form in connection with a transaction for which HSS has adopted a standard

2) Health Plan

• Health insurance companies
• HMOs
• Company health plans
• Government programs that pay for health care such as Medicare, Medicaid, and the military and veterans health care programs.

3)  Health Care Clearninghouse

This includes entities that process nonstandard health information they receive from another enttity into a standard (i.e. standard electronic format or data content), or vice versa.

Want more information about whether or not you are a covered entity? Use the Department of Health and Human Services Decision Tool and other useful resources on their website.