Your Compliance Edge

Covered Entities Under the Privacy Rule

Among other entities, the HIPAA Privacy Rule specifically applies to health care providers and their "business associates."

Health Care Providers

Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity.

  • "Health care providers":  Health care providers include all "providers of services" (e.g., institutional providers such as hospitals) and "providers of medical or health services" (e.g., non-institutional providers such as physicians, dentists, and other practitioners) as defined by Medicare, and any other person or organization that furnishes, bills, or is paid for health care.
  • "Certain transactions":  These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which the U.S. Department of Health and Human Services (HHS) has established standards.

Note: The Privacy Rule covers a health care provider whether it electronically transmits these transactions directly or uses a billing service or other third party to do so on its behalf.

FREE Labor Law Penalties
by Company Size Chart

Alerts you to the penalties associated with key federal laws such as
COBRA and discrimination.



Download HR360


Request a Demo 

or Log In