Who Does HIPAA Apply To? - LabCE.com, Laboratory Continuing Education

This version of the course is no longer available.

Need multiple seats for your university or lab? Get a quote

The page below is a sample from the LabCE course HIPAA Privacy and Security Rules (to be retired 12/31/2020). Access the complete course and earn ASCLS P.A.C.E.-approved continuing education credits by subscribing online.

Learn more about HIPAA Privacy and Security Rules (to be retired 12/31/2020) (online CE course)

Who Does HIPAA Apply To?

HIPAA applies to:

Health plans (such as health insurance companies)
Health care clearinghouses (such as billing companies)
Health care providers (including doctors, hospitals, laboratories, and pharmacies)

HIPAA refers to these 3 groups as covered entities.

(January 2013 final rule modification) The standards, requirements, and implementation specifications of HIPAA also apply to business associates who may access protected health information (PHI).

A business associate:

is not a member of the workforce of the covered entity.
may provide legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services to or for the covered entity and provision of the service involves the disclosure of PHI from the covered entity to that person.
may access PHI for claims processing or administration data analysis processing or administration utilization review, quality assurance, or patient safety activities listed at 42CFR3.20.