• HOME

  • ABOUT US

  • SERVICES

  • CONTACT

  • KNOWLEDGE

  • BUY ONLINE

  • More

    CYBER SECURITY ASSESSMENTS // PENETRATION TESTING // DATA SECURITY // IT SECURITY // SECURITY AUDITS // DIGITAL FORENSICS // CYBER INTELLIGENCE

                                              HIPAA BASICS

     

     

    The HIPAA Rules provide federal protections for patient health information held by Covered Entities (CEs) and Business Associates (BAs). HIPAA gives patients many rights with respect to their health information.

    The Guide (especially Chapter 2) [PDF - 493 KB] provides details on the HIPAA Privacy, Security, and Breach Notification Rules, such as:

    • What types of information HIPAA protects

    • Who must comply with HIPAA

    • How patient information can be used and disclosed under the HIPAA Privacy Rule

     

    Covered Entities and Business Associates

     

    The HIPAA Rules apply to covered entities and business associates.  

    Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules' requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information. If a covered entity engages a business associate to help it carry out its health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes specifically what the business associate has been engaged to do and requires the business associate to comply with the Rules’ requirements to protect the privacy and security of protected health information. In addition to these contractual obligations, business associates are directly liable for compliance with certain provisions of the HIPAA Rules.

    If an entity does not meet the definition of a covered entity or business associate, it does not have to comply with the HIPAA Rules.  See definitions of “business associate” and “covered entity” at 45 CFR 160.103.

    View an easy-to-use question and answer decision tool.

    Fast Facts for Covered Entities

     

     

    A Covered Entity is one of the following:

    A Health Care Provider

    This includes providers such as:

     

    • Doctors

    • Clinics

    • Psychologists

    • Dentists

    • Chiropractors

    • Nursing Homes

    • Pharmacies

     

    ...but only if they transmit any information in an electronic form in connection with a transaction for which HHS has adopted a standard.

     

     

    A Health Plan

    This includes:

     

    • Health insurance companies

    • HMOs

    • Company health plans

    • Government programs that pay for health care, such as Medicare, Medicaid, and the military and veterans health care programs

     

    A Health Care Clearinghouse

    This includes entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.

     

    Trojan 1 | PCI Compliance | HIPAA Compliance | GLBA Compliance | GDPR Compliance | Penetration Testing | Web Application Assessment | Corporate Security Assessment | Cyber Threat Intelligence 24 / 7

     

    Cyber Breach Lawyers | Vulnerability Assessments | CISO On Demand | Black Ops | Secure Cloud | Personal Security Assessments | Small Business IT Security  | NY Cybersecurity Rule 23 NYCRR 500

     

    Ethical Hacking for Small Businesses | IT Compliance Small Business | Security Breach Management Solutions | Big Data Security | Corporate Randsomware

     

    Website Security for Small Businesses | Security Consulting Services | Enterprise Security Services | Drone & Robotic IT Security

     

    Complete IT/Cyber Security Assessment |  Security Governance Services | Security & Risk Management | Digital Forensics

     

    Social Engineering Testing  | Cyber Liability Insurance | Data Centers Transformation & Security | Secure Access and Continuity Solutions

     

    Mobility Management  & Security | Network Management  Security Solutions | EndPoint Security Solutions |  National Vulnerability Database

    2200 PENNSYLVANIA AVENUE | NW | 4TH FLOOR EAST​ | WASHINGTON, D.C. 20037​

    ​​Tel: 202.507.5773 | Fax: 202.507.5601​ |  ContactUs@TrojanHorseSecurity.com

     

    • s-linkedin
    • s-facebook
    • Google Metallic
    • YouTube Metallic
    • Pinterest Metallic
    • s-tbird

    © 2020  TROJAN HORSE SECURITY INC

    • HOME

    • ABOUT US

    • SERVICES

    • CONTACT

    • KNOWLEDGE

    • BUY ONLINE

    • More