Covered Entity Definition
A Covered Entity is:
A health plan. An individual or group plan that
provides, or pays the cost of, medical care. Health plans include
private entities (e.g., health insurers and managed care organizations)
and government organizations (e.g., Medicaid, Medicare, and the Veterans
Health Administration)
A health care provider. A provider of health care
services and any other person or organization that furnishes, bills, or
is paid for health care in the normal course of business. Health care
providers (e.g., physicians, hospitals, and clinics) are covered
entities if they transmit health information in electronic form in
connection with a transaction for which a HIPAA standard has been
adopted by HHS. (e.g., billing)
A health care clearinghouse. A public or private
entity, including a billing service, repricing company, or community
health information system, that processes non-standard data or
transactions received from another entity into standard transactions or
data elements, or vice versa.
| Radiologist Revises Process for Workers Compensation Disclosures Covered Entity: Health Care Provider Issue: Impermissible Uses and Disclosures A radiology practice that interpreted a hospital patient’s imaging tests submitted a worker’s compensation claim to the patient’s employer. The claim included the patient’s test results. However, the patient was not covered by worker’s compensation and had not identified worker’s compensation as responsible for payment. OCR’s investigation revealed that the radiology practice had relied upon incorrect billing information from the treating hospital in submitting the claim. Among other corrective actions to resolve the specific issues in the case, the practice apologized to ...read more |
| Radiologist Revises Process for Workers Compensation Disclosures Covered Entity: Health Care Provider Issue: Impermissible Uses and Disclosures A radiology practice that interpreted a hospital patient’s imaging tests submitted a worker’s compensation claim to the patient’s employer. The claim included the patient’s test results. However, the patient was not covered by worker’s compensation and had not identified worker’s compensation as responsible for payment. OCR’s investigation revealed that the radiology practice had relied upon incorrect billing information from the treating hospital in submitting the claim. Among other corrective actions to resolve the specific issues in the case, the practice apologized to ...read more |
| Private Practice Revises Policies and Procedures Addressing Activities Preparatory to Research Covered Entity: Private Practice Issue: Impermissible Disclosure-Research A private practice physician who was the principal investigator of a clinical research study disclosed a list of patients and diagnostic codes to a contract research organization to telephone patients for recruitment purposes. The disclosure was not consistent with documents approved by the Institutional Review Board (IRB). The private practice maintained that the disclosure to the contract research organization was permissible as a review preparatory to research. Activities considered “preparatory to research” include: preparing a research protocol; developing a research hypothesis; ...read more |
| Enforcement Actions Ensure Patients Receive Timely Access to their Records, at a Reasonable Cost Today, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations concerning potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule's patient right of access provision. These cases are part of a collective effort, bringing the total 41 cases, to drive compliance on right of access under the law. “These three right of access actions send an important message to dental practices of all sizes that are covered by the HIPAA ...read more |
|
December 2025
| Su | Mo | Tu | We | Th | Fr | Sa |
| 1 | 2 | 3 | 4 | 5 | 6 |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 |
|
Blog Home
Newest Blog Entries
1/21/25 Understanding Business Associate Agreements
11/12/22 Modernizing Medicine Agrees to Pay $45 Million to Resolve Allegations of Accepting and Paying Illegal Kickbacks and Causing False Claims
11/12/22 Indian National Charged in $8 Million COVID-19 Relief Fraud Scheme
11/12/22 Former Hospital Employee Pleads Guilty To Criminal HIPPA Charges
11/12/22 Covered entities and those persons rendered accountable by general principles of corporate criminal liability may be prosecuted directly under 42 U.S.C. § 1320d-6
11/12/22 The Delaware Division of Developmental Disabilities Services Data Breach
11/12/22 OCR Settles Three Cases with Dental Practices for Patient Right of Access under HIPAA
11/12/22 HHS Issues Guidance on HIPAA and Audio-Only Telehealth
11/12/22 Five Former Methodist Hospital Employees Charged with HIPAA Violations
11/12/22 May a covered entity use or disclose protected health information for litigation?
11/12/22 When does the Privacy Rule allow covered entities to disclose protected health information to law enforcement officials?
Blog Archives
January 2025 (1)
November 2022 (54)
Blog Labels
PPP Fraud (1)
HIPAA Enforcement (3)
EHR Fraud (1)
Data Breach (1)
BAA (4)
Covered Entity (40)
Telehealth (1)
ePHI (2)
HIPAA (2)
|
