The HIPAA Rules apply to covered entities and business associates. The US Department of Health and Human Services defines covered entities as follows:
A covered entity is one of the following:
1) Health Care Provider
… but only if they transmit any information in an electronic form in connection with a transaction for which HSS has adopted a standard
2) Health Plan
3) Health Care Clearninghouse
This includes entities that process nonstandard health information they receive from another enttity into a standard (i.e. standard electronic format or data content), or vice versa.
Want more information about whether or not you are a covered entity? Use the Department of Health and Human Services Decision Tool and other useful resources on their website.