Blog

What is a Covered Entity?

HIPAA
May 5, 2021
Before you can comply with HIPAA, you'll first need to understand who HIPAA applies to. Learn about what is and what isn't a Covered Entity.

What is a HIPAA Covered Entity?

Covered Entity? Business Associates? The Health Insurance Portability and Accessibility Act is full of unusual language which can make the process of complying with the rule very challenging. Before you can achieve HIPAA compliance, you'll first need to understand who and what HIPAA applies to. Here we break down what is and what isn't a covered Entity.

One of the original reasons for the creation of the HIPAA rules was to secure and protect individuals health care information. Who uses that information the most? Covered Entities. But you may ask, what is a covered entity under HIPAA? The answer is pretty easy: anyone that provides treatment, payment, or operations in healthcare.

The HIPAA law breaks those organizations down into three categories: Healthcare Providers, Health Plans, and Healthcare Clearinghouses. 

What are Healthcare Providers?

Healthcare providers are exactly who you think they are: they are the doctors, clinics, medical practices, dentists, hospitals, nursing homes, and pharmacies that provide healthcare services to their communities.

What are healthcare plans as defined by HIPAA?

Healthcare plans are the health insurance companies, HMOs, company healthcare plans, Medicare, and Medicaid. Additionally, employers and schools that handle PHI to enroll their employees and students fall under the definition of a health plan.

What is a healthcare clearinghouse?

Healthcare Clearinghouses are a little tricky. They’re defined as organizations that process nonstandard health information in order to ensure that it conforms to data standards on behalf of other organizations.

Am I a covered entity?

If you’re still unsure if you are a covered entity, check out this simple flowchart:

covered entity definition

If you don’t fit neatly into any of those categories above yet still find yourself working with PHI, you are a business associate. 

What about Business Associates?

A Business Associate is a person or organization that performs certain functions for a covered entity that involves the usage or exposure to Protected Health information. In order to protect both parties in the event of a breach, Business Associates are required to adhere to HIPAA and sign a Business Associate Agreement.



More from the Blog

GenixTec has achieved HIPAA Compliance with Accountable
Compliant Tools

GenixTec has achieved HIPAA Compliance with Accountable

HIPAA and Workforce Training
HIPAA

HIPAA and Workforce Training

Understanding HIPAA Certification
HIPAA

Understanding HIPAA Certification

Is Google Docs HIPAA Compliant?
Compliant Tools

Is Google Docs HIPAA Compliant?

Is Calendly HIPAA Compliant?
Compliant Tools

Is Calendly HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is Google Sheets HIPAA Compliant?

Is iCloud HIPAA Compliant?
Compliant Tools

Is iCloud HIPAA Compliant?

President Biden Looks to Boost Cybersecurity at U.S. Ports
Data Security

President Biden Looks to Boost Cybersecurity at U.S. Ports

Get Started
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to chat?

See how some of the fastest growing companies use Accountable to build trust through privacy and compliance.
Trusted by
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of ComplianceGet Support
Solutions
HIPAAGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
SitemapTerms of ServicePrivacy Policy