What is a Covered Entity? | Definition for HIPAA

2. What is a Covered Entity (CE) for Purposes of HIPAA?

Answer:  As defined by HIPAA, a Covered Entity or Covered Entities, are defined as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which the Department of Health and Human Services has adopted such standards. Generally speaking, transactions undertaken by covered entities encompass billing and payment for health care services or insurance coverage. Hospitals, medical centers, physician offices, and numerous other health care providers who electronically transmit health care information are deemed to be covered entities. More specific examples of covered entities, for purposes of HIPAA’s three (3) main categories, consist of the following:

  • Health Plans: Health insurance companies, HMOs, Company health plans, Government programs that pay for health care, such as Medicare, Medicaid, and the military and veteran’s health care programs.
  • Health Care Clearinghouses: This includes entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.
  • Health Care Providers: Doctors, Clinics, Psychologists, Dentists, Chiropractors, Nursing Homes, and Pharmacies

Source: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/

b2ap3_thumbnail_HIPPA-tookit-CTA.png

Download HIPAA Policies and Compliance Toolkits Today
hipaapoliciesandprocedures.com also offers industry leading HIPAA toolkits for both Covered Entities (CE) and Business Associates (BA) consisting of high-quality security policies and procedures, training material, readiness checklists and templates, essential legal forms, a HIPAA specific disaster recovery manual, and so much more. Learn about our industry leading HIPAA compliance toolkits today.

If your organization is in need of a HIPAA audit, and or SSAE 16 SOC 1, and SOC 2 assessments that include testing of HIPAA provisions & mandates, please contact Charles Denyer at This email address is being protected from spambots. You need JavaScript enabled to view it., or at 1-800-277-5415, ext. 705 with the NDB Alliance of Firms. Learn more about NDB by visiting ndbcpa.com today.