HIPAA Information

The HIPAA Privacy Rule applies only to covered entities. Individuals, organizations, and agencies that met the definition of a covered entity under HIPAA must comply with the Privacy Rule's requirements to protect the privacy of health information and must provide individuals with certain rights with respect to their health information. If an entity is not a covered entity, it does not have to comply with the Privacy Rule.

A Health Care Provider:

This includes providers such as:

* Doctors
* Clinics
* Psychologists
* Dentists
* Chiropractors
* Nursing Homes
* Pharmacies

...but only if they transmit any information in an electronic form in connection with a transaction for which HHS has adopted a standard.

A Health Plan

This includes:

* Health insurance companies
* HMOs
* Company health plans
* Government programs that pay for health care, such as Medicare, Medicaid, and the military and veterans health care programs

A Health Care Clearinghouse

This includes entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.