Online HIPAA Course

Earn fast, simple and nationally accredited HIPAA (Health Insurance Portability and Accountability Act) training certification at AHCA and learn at your pace. The validity of the course is 2 years and one can take unlimited exam retakes. The course materials are designed and led by experts. Print your HIPAA wallet card instantly after passing.

  1. Home
  2. »
  3. HIPAA
  4. »
  5. Hipaa Course
  6. »
  7. What are Covered Entities?

Select Course

Chapter 3: What Are Covered Entities?

HHS defines a covered entity as:

  1. A health care provider that conducts certain transactions in electronic form.
    • Doctors
    • Clinics
    • Psychologists
    • Dentists
    • Nursing Homes
    • Pharmacies

    For example: If a physician submits a prescription to a pharmacy through email or fax, he/she must comply with HIPAA regulations since he/she is conducting a transaction in an electronic form. Additionally, the pharmacy must also comply with HIPAA regulations, as they are receiving sensitive patient information in an electronic form.

  2. A health care clearinghouse.
    This includes a public or private entity which helps in the processing of health information received from other health care facilities, by converting the nonstandard information into standard information. Examples include:
    • Reprising companies
    • Billing services (i.e., if requesting for payment)
    • Community health management information system
    • “Value-added” switches and networks

      hippa-3
  3. A health plan.
    A covered health plan is a group or person that provides and pays for the cost of medical care. Medical care can include any diagnosis, cure, treatment or prevention of disease; transportation for the purpose of medical care; and more.
    • Government Programs: Medicare, Medicaid and military and veterans health care programs
    • Health Maintenance Organizations (HMOS)
    • Health Insurance Companies
    • Company Health Plans (i.e., plans sponsored by an employer)
  4. Any business associates who perform functions and activities on behalf of the covered entity.If an entity is a covered entity for any purpose under HIPAA, it is covered entirely for all purposes. This means that it must comply with the privacy rule, the electronic transaction rule and the security rule. It MUST comply with all policies under HIPAA in its entirety.