Who are considered the covered entities?
(A) All of DMH is a covered entity, and all areas/components will comply with HIPAA Privacy Rule. While most other providers are also CEs, in addition to most 3rd party payers, some other public agencies may be “hybrid” with both Covered (e.g., the treatment or care component) and Non-Covered components. For example, some areas of DHEC (e.g. health department) and DSS (health care/treatment/case managers) are covered by HIPAA privacy while other areas are not.
Related Questions
- Are covered entities required to use the National Institute of Standards and Technology (NIST) guidance documents referred to in the preamble to the final HIPAA Security Rule?
- I understand about obtaining information from covered entities records for use in research. Is PHI ever created within the course of conducting research?
- Why were the HIPAA Privacy standards for business associates and covered entities combined into one (1) accreditation?
