What is a “Covered Entity?’’

Dear HIPAA-HITECH Informed Readers,

Here’s a question from our HIPAA-HITECH FAQs Series…

Q2. What is a “Covered Entity?’’

Covered Entities (CEs) include all health care providers (doctors, dentists, therapists, psychologists, pharmacists, etc.), health care clearinghouses, and health plans (i.e., health insurance companies) that electronically store, process or transmit electronic protected health information (EPHI).

Previously, any Business Associate (BA) of these CEs who by agreement has access to this EPHI was required to comply with the Security Rule as well by means of a so-called BA Agreement.

The HITECH Act now explicitly places the same comprehensive Security Rule requirements on BAs to ensure that the same level of security is consistent throughout whenever health information is accessed or exchanged between organizations.

View our entire series of HIPAA Security Law – HITECH Act FAQs…

Attend one of our HIPAA-HITECH Webinars…

Bob Chaput wrote this blog. Bob is president of Data Mountain LLC, a data security, online data backup and recovery, disaster recovery and data protection services firm. bob.chaput@datamountain.com (800) 704-3394. Follow Bob on Twitter: twitter.com/BobChaput