Skip to main content

How can we help?

Already a customer? Sign in to access additional content.

Who does HIPAA apply to?

  • Updated

HIPAA is applicable to covered entities, business associates, and subcontractors who are storing, processing or transmitting PHI (Protected Health Information):

  • Covered Entities are either healthcare plans (e.g., insurance carriers, corporate health plans, HMOs, etc.)
  • Business Associates are any individuals, vendors organizations that come into contact with a healthcare organization's PHI. Business associates typically work with covered entities to perform services, store, transmit and/or process PHI.
  • Subcontractors are the entities that Business Associates use to process, create or store PHI.

Related articles

Was this article helpful?
0 out of 0 found this helpful

Featured articles

  • Do I have to get SOC 2 Type 1 before pursuing a SOC 2 Type 2?

    You will not need to pursue SOC 2 Type 1 before getting a SOC 2 Type 2 report because they are stand-alone reports. A...

    Read More

  • What are the types of SOC 2 available?

    There are two types of SOC 2:   Audit Period Description SOC 2 Type I 1 day Assess the design of security proces...

    Read More

  • What is SOC 2?

    SOC 2 is a report on an organization’s controls relevant to security, availability, processing integrity, confidentia...

    Read More