The HIPAA Security Rule applies to all health plans, healthcare clearinghouses, and to any healthcare provider who transmits protected health information (PHI) in electronic form, or electronic protected health information (ePHI). According to the U.S. Department of Health and Human Services, those that fall under this category are known and referred to as Covered Entities (CE).
Online Tech provides HIPAA compliant hosting for organizations that process electronic healthcare transactions including healthcare providers, healthcare software providers (Software-as-a-Service, SaaS) and other healthcare employers. Electronic patient care reporting, or ePCR software, is one example of patient medical and personal data that must be transferred, saved and accessed in a secure, HIPAA compliant environment. Read more about what a HIPAA Compliant Data Center should entail.
The following is a more specific list of who needs to be HIPAA compliant:
- Covered healthcare providers (hospitals, clinics, regional health services, individual medical practitioners) that carry out transactions in electronic form
- Healthcare clearinghouses
- Health plans (including insurers, HMOs, Medicaid, Medicare prescription drug card sponsors, flexible spending accounts, public health authority, in addition to employers, schools or universities that collect, store or transmit EPHI, or electronic protected health information, to enroll employees or students in health plans)
- Their business associates (including private sector vendors and third-party administrators)
Note: 'HIPAA certified' is not the same as 'HIPAA compliant.' No third party or hosting provider can make your organization HIPAA compliant. There is also no certification program recognized by the federal governing body of the HIPAA standard, the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR).
- What is HIPAA Compliance? - Your primer for what a HIPAA compliant hosting provider and HIPAA compliant data center operator should have in place to protect ePHI.
- HIPAA FAQ - A great overview of questions you might have about HIPAA hosting and our recommended and required technologies used to protect ePHI.
- HIPAA Glossary of Terms - A comprehensive glossary of basic HIPAA terms to define the key phrases you need to understand HIPAA compliance today.
- Five Questions to Ask Your HIPAA Hosting Provider - The top questions you need to ask to do your due diligence as a covered entity.
- What is a HIPAA Violation? - Specific violation types and associated minimum/maximum penalties, real HIPAA violation cases, and tips on how to avoid a data breach.
- Benefits of HIPAA Compliant Hosting - Features and benefits of outsourcing to a fully audited and compliant HIPAA hosting provider.