This is archived HHS content.
Skip to main content
HHS
.gov
Health Information Privacy
Search
U.S. Department of Health & Human Services
Search
Close
HHS A-Z Index
HIPAA for Individuals
Filing a Complaint
HIPAA for Professionals
Newsroom
HHS
>
HIPAA Home
>
For Professionals
>
FAQ
> Covered Entities
Text Resize
A
A
A
Print
Share
FAQs Categories
Authorizations (30)
Business Associates (42)
Compliance Dates (2)
Covered Entities (14)
Decedents (8)
Disclosures for Law Enforcement Purposes (7)
Disclosures for Rule Enforcement (2)
Disclosures in Emergency Situations (2)
Disclosures Required by Law (6)
Disclosures to Family and Friends (28)
Disposal of Protected Health Information (6)
Facility Directories (7)
Family Medical History Information (3)
FERPA and HIPAA (10)
Group Health Plans (3)
Health Information Technology (41)
Incidental Uses and Disclosures (10)
Judicial and Administrative Proceedings (8)
Limited Data Set (5)
Marketing (18)
Marketing - Refill Reminders (16)
Mental Health (35)
Minimum Necessary (14)
Notice of Privacy Practice (20)
Personal Representatives and Minors (13)
Preemption of State Law (10)
Privacy Rule: General Topics (12)
Protected Health Information (2)
Public Health Uses and Disclosures (13)
Research Uses and Disclosures (20)
Right to Access and Research (58)
Right to an Accounting of Disclosures (8)
Right to File a Complaint (1)
Right to Request a Restriction (2)
Safeguards (13)
Security Rule (25)
Smaller Providers and Businesses (147)
Student Immunizations (8)
Telehealth (11)
Transition Provisions (3)
Treatment, Payment, and Health Care Operations Disclosures (30)
Workers Compensation Disclosures (5)
Covered Entities
Who must comply with HIPAA privacy standards?
When is an authorization required from the patient before a provider or health plan engages in marketing to that individual?
When is a researcher considered to be a covered health care provider under HIPAA?
Are state, county or local health departments required to comply with the HIPAA Privacy Rule?
Are the following types of insurance covered under HIPAA: long/short term disability; workers' compensation; automobile liability that includes coverage for medical payments?
Is an entity that is acting as a third party administrator to a group health plan a covered entity?
The Social Security Administration (SSA) collects medical records when making disability determinations for both title II (Disability Insurance) and title XVI (Supplemental Security Income, SSI) of the Social Security Act. Is SSA a covered entity (e.g., a health plan)?
Is a flexible spending account or a cafeteria plan a covered entity for purposes of the Privacy Rule and the other HIPAA, Title II, Administrative Simplification standards?
Were there Privacy Rule compliance deadlines in 2004?
Must all small health plans comply with the Privacy Rule?
I’m an employer that offers a fully insured group health plan for my employees. Is the fully insured group health plan subject to all of the Privacy Rule provisions?
As an employer, I sponsor a group health plan for my employees. Am I a covered entity under HIPAA?
Are tissue repositories covered entities?
Can health care providers invite or arrange for members of the media, including film crews, to enter treatment areas of their facilities without prior written authorization?
Back to
T
op
This is archived HHS content.