Saturday April 25, 2015
HIPAA Business Associate - Distance Learning - HOME


History > Covered Entity > Definition
What is a Covered Entity?

A covered entity is an entity required to comply with the HIPAA Administrative Simplification provisions. If an entity is a covered entity for any purpose under HIPAA Administrative Simplification, it is a covered entity for all purposes under HIPAA - meaning it must comply with not only the Privacy Rule, but also the Electronic Transactions Rule, the Security Rule, etc.

Examples of a Covered Entity

According to HIPAA Privacy and Security, there are three types of covered entities:

  • Health plans (which include employer-sponsored group health plans).
  • Health care clearinghouses.
  • Health care providers who transmit any health information in electronic form in connection with a listed transaction.

[45 CFR § 160.103.]

Employers need to determine if they offer a covered health plan or if they offer any health services on-site that qualify as a covered health care provider.

Compliance Tip for Covered Entities

Remember, employers are not "covered entities" under HIPAA. However, employers that sponsor group health plans for their employees will be indirectly covered as the "plan sponsor" and may be directly covered as a "hybrid entity" with respect to any on-site clinics or other facilities that are covered health care providers (because they electronically transmit health information in connection with one of the listed transactions).

Definition of a Covered Health Plan

Generally, a covered health plan is an individual or group plan that provides, or pays the cost of, medical care.  [45 CFR § 160.103.]  Medical care is defined as amounts paid for:

  • Diagnosis, cure, mitigation, treatment, or prevention of disease, or amounts paid for the purpose of affecting any structure or function of the body,
  • Transportation primarily for and essential to the medical care listed above, and
  • Insurance covering the medical care and transportation costs listed above.

[42 USC § 300gg-91(a)(2).]

Definition of a Health Care Provider

The term health care provider is defined broadly and includes:

  • A provider of services as defined in section 1861(u) of the PHS Act, 42 USC § 1395x(u), including, for example, a hospital,
  • A provider of medical or health services as defined in section 1861(s) of the PHS Act, 42 USC § 1395x(s), for example a physician, and
  • Any other person or organization who furnishes, bills, or pays, or is paid for health care in the normal course of business.

[45 CFR § 160.103 (definition of "health care provider").]

The last part of the definition in particular is meant to be functional – a person is a health care provider if the activities in which the person is engaged meet the definition of health care. It is, therefore, important to know the meaning of the term "health care."

Previous 1 | 2 Next

(Go to Next Page)

Previous Page Next Page


HIPAA Compliance for Covered Entities
Rated as a top-tier provider by its clients, BridgeFront delivers innovative online education to healthcare, government, business and education - large and small.

A reliable hosted learning management system allows organizations to take skill-building courses as-is, to modify courses or design their own.

Helping organizations build competencies in compliance, the revenue cycle, nursing and customer service communications - BridgeFront stands a leader in responsiveness and service.

BridgeFront - Contact Us By Phone
BridgeFront - Contact Us By Email
BridgeFront - Web Address
Previous Page Next Page