What is a HIPAA-covered entity?
A HIPAA-covered entity is an individual, organization, or agency to which the HIPAA Rules apply; covered entities include health care providers, health plans, and health care clearinghouses.
Health care providers include those providers who electronically submit HIPAA transactions like claims. Providers include but are not limited to:
- Doctors
- Clinics
- Psychologists
- Dentists
- Chiropractors
- Nursing homes
- Pharmacies
For HIPAA purposes, health plans include:
- Health insurance companies
- HMOs or health maintenance organizations
- Employer-sponsored health plans
- Government programs that pay for health care, like Medicare, Medicaid, and military and veterans’ health programs
Health care clearinghouses are public or private entities that process or facilitate the processing of nonstandard health information into standard data elements on behalf of other organizations.
HIPAA Rules apply to covered entities as well as business associates. If a covered entity engages a business associate to help carry out health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes what the business associate has been engaged to do, and requires the business associate to comply with HIPAA.