FAQ
FAQ’s
What are examples of covered entities?

What are examples of covered entities?

Covered entities, according to HIPAA rules, include three main types: (1) health plans, (2) healthcare clearinghouses, and (3) healthcare providers who send health information electronically during specific transactions set by HHS. 

These transactions often relate to billing, payments, or insurance coverage. For instance, hospitals, doctors, and medical centers that electronically send claims to health plans are covered entities. They can be individuals, groups, organizations, or institutions.

If researchers are also health care providers who electronically share health info for certain transactions defined by HHS, they become covered entities too. For instance, doctors conducting clinical studies must follow the Privacy Rule if they meet the HIPAA definition of a covered entity.

  • Health Plan: A health plan means an individual or a group that mostly pays for medical care. It also includes various plans and programs covering medical expenses. Many companies and government programs fall under this category.
  • Health Care Provider: Health care providers are any company that collects PHI, and they must be HIPAA compliant. The people who fall under this category are doctors, nursing homes, pharmacies, physiologists, dentists, and clinics. 
  • Health Care Clearinghouse: It includes billing services or systems that process health info from one source into a standard format for another, or vice versa.
  • Health Care includes a wide range of care, services, and supplies related to a patient’s health. It includes preventive care or selling medical items based on prescriptions.

Was this article helpful?

How can we improve this article?

Related questions

  • How often is HIPAA training required?
  • What is the key to HIPAA compliance?
  • Are SOC reports public?
  • How to share my SOC 2 report?
  • How long does a SOC 2 audit take?
  • How long does it take to get SOC 2 compliant?
  • How long is a SOC 2 report valid?
  • What does SOC 2 stand for?
  • How to review a SOC 2 report?

Get SOC 2 compliance
ready in 4 weeks!

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.