{"id":563,"date":"2022-03-10T18:39:24","date_gmt":"2022-03-10T18:39:24","guid":{"rendered":"https:\/\/www.wellreceived.com\/blog\/?p=563"},"modified":"2025-05-30T12:00:50","modified_gmt":"2025-05-30T12:00:50","slug":"who-needs-hipaa-compliance","status":"publish","type":"post","link":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/","title":{"rendered":"Who needs HIPAA compliance?"},"content":{"rendered":"\n<p>If you\u2019ve previously worked with data of any kind or volunteered information to a service provider, it\u2019s likely you\u2019ve come across rules and regulations outlining exactly how patient data can be used.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-style-default\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"580\" src=\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png\" alt=\"patient data security on devices\" class=\"wp-image-693\" srcset=\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png 1024w, https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min-300x170.png 300w, https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min-768x435.png 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what\">What does HIPAA stand for?<\/h2>\n\n\n\n<p>The medical profession has always dealt with sensitive data, perhaps more than any other industry in the world. In 1996, Congress enacted <strong>the Health Insurance Portability and Accountability Act (HIPAA)<\/strong> as a federal law. This created a national standard to keep healthcare providers from disclosing patient information without their knowledge.<\/p>\n\n\n\n<p>These regulations outline the appropriate uses and disclosures of protected health information (PHI). They&#8217;re centered <a href=\"https:\/\/www.wellreceived.com\/blog\/three-main-components-of-hipaa\/\" target=\"_blank\" rel=\"noreferrer noopener\">around 3 major rules<\/a>:<\/p>\n\n\n\n<p><strong>The privacy rule<\/strong> &#8211; The <em>HIPAA privacy rule<\/em> requires healthcare providers to put appropriate safeguards in place to protect the privacy of protected health information. It also determines when and why healthcare providers can disclose protected health information without patient authorization.<\/p>\n\n\n\n<p><strong>The security rule<\/strong> &#8211; The security rule ensures healthcare providers meet the  proper administrative, physical, and technical standards when keeping patient information secure. <\/p>\n\n\n\n<p><strong>Breach notification rule<\/strong> &#8211; The breach notification rule requires healthcare providers to establish a plan for notifying patients if their protected health information has been breached.<\/p>\n\n\n\n<p>Below, we answer frequently asked questions about<strong> HIPAA law<\/strong> and <strong>who needs HIPAA compliance?<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"covered\">Covered Entities<\/h3>\n\n\n\n<p>According to the US Department of Health and Human Services (HHS), three types of covered entities need to maintain HIPAA compliance: healthcare providers, clearing houses, and health plan providers.<\/p>\n\n\n\n<p>Health care providers include:<\/p>\n\n\n<ul>\n<li>Doctors<\/li>\n<li>Psychologists<\/li>\n<li>Dentists<\/li>\n<li>Nursing Homes<\/li>\n<li>Pharmacies<\/li>\n<li>Medical Clinics<\/li>\n<li>Chiropractors<\/li>\n<\/ul>\n\n\n<p>These providers transmit healthcare information electronically for the purposes of processing claims, completing transactions, and exchanging data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"clearing\">Clearinghouses<\/h3>\n\n\n\n<p>In the medical industry, a clearinghouse acts as a third-party provider that takes patient information and processes it into a clear standard format. This electronic hub of information is a go-between for exchanging information between entities doctors, health plan providers, and medical claims companies.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"health\">Health Plan Providers<\/h3>\n\n\n\n<p><strong>Health Plan Providers that need to be HIPAA compliant include:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Health insurance companies<\/li>\n\n\n\n<li>Company health plan providers<\/li>\n\n\n\n<li>Government-sponsored programs such as Medicare and Medicaid<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"business\">Business Associates<\/h3>\n\n\n\n<p>Business associates of covered entities are also required to follow regulations. <strong>According to HIPAA, a business associate carries out work on behalf of a covered entity or provides services for them. <\/strong>Business associates are required to sign contracts with covered entities agreeing to safeguard PHI. They perform functions such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Claims processing<\/li>\n\n\n\n<li><a href=\"https:\/\/www.wellreceived.com\/services\/medical-answering-service\">Medical answering services<\/a><\/li>\n\n\n\n<li>Collections agencies<\/li>\n\n\n\n<li>Lawyers<\/li>\n<\/ul>\n\n\n\n<p>Business associates working with covered entities are held separately liable for HIPAA violations and are subject to the same safeguarding rules as private entities. <\/p>\n\n\n\n<p>It&#8217;s crucial that healthcare providers understand which businesses with which they work require HIPAA compliance. Patients trust healthcare providers to protect their health information on every level.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"HIPAA\">HIPAA &amp; WellReceived<\/h2>\n\n\n\n<p>At WellReceived, all of our dedicated and <a rel=\"noreferrer noopener\" href=\"https:\/\/www.wellreceived.com\/services\/virtual-medical-receptionist\" target=\"_blank\">professional virtual medical receptionists<\/a> are trained on HIPAA and PHI <a rel=\"noreferrer noopener\" href=\"https:\/\/www.wellreceived.com\/features\/HIPAA-compliant-answering-service\" target=\"_blank\">compliance<\/a> to support your business and patients. <strong>If you\u2019d like to know more on how HIPAA compliance can impact your business, our team will be happy to assist you<\/strong>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you\u2019ve previously worked with data of any kind or volunteered information to a service provider,&#8230;<\/p>\n","protected":false},"author":4,"featured_media":693,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-563","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-how-it-works"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Who Needs HIPAA Compliance? | A Quick Guide for Providers<\/title>\n<meta name=\"description\" content=\"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Who Needs HIPAA Compliance? | A Quick Guide for Providers\" \/>\n<meta property=\"og:description\" content=\"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"WellReceived Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-10T18:39:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-30T12:00:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"580\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Terri Phillips\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Terri Phillips\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/\",\"url\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/\",\"name\":\"Who Needs HIPAA Compliance? | A Quick Guide for Providers\",\"isPartOf\":{\"@id\":\"https:\/\/www.wellreceived.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png\",\"datePublished\":\"2022-03-10T18:39:24+00:00\",\"dateModified\":\"2025-05-30T12:00:50+00:00\",\"author\":{\"@id\":\"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/9a9e18c82711f0e389a303838298e18d\"},\"description\":\"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage\",\"url\":\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png\",\"contentUrl\":\"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png\",\"width\":1024,\"height\":580,\"caption\":\"hipaa data security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.wellreceived.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How it works\",\"item\":\"https:\/\/www.wellreceived.com\/blog\/category\/how-it-works\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Who needs HIPAA compliance?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/#website\",\"url\":\"https:\/\/www.wellreceived.com\/blog\/\",\"name\":\"WellReceived Blog\",\"description\":\"WellReceived Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.wellreceived.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/9a9e18c82711f0e389a303838298e18d\",\"name\":\"Terri Phillips\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cdff767c73137176cc289865683e192d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cdff767c73137176cc289865683e192d?s=96&d=mm&r=g\",\"caption\":\"Terri Phillips\"},\"url\":\"https:\/\/www.wellreceived.com\/blog\/author\/terri\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Who Needs HIPAA Compliance? | A Quick Guide for Providers","description":"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/","og_locale":"en_US","og_type":"article","og_title":"Who Needs HIPAA Compliance? | A Quick Guide for Providers","og_description":"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!","og_url":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/","og_site_name":"WellReceived Blog","article_published_time":"2022-03-10T18:39:24+00:00","article_modified_time":"2025-05-30T12:00:50+00:00","og_image":[{"width":1024,"height":580,"url":"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png","type":"image\/png"}],"author":"Terri Phillips","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Terri Phillips","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/","url":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/","name":"Who Needs HIPAA Compliance? | A Quick Guide for Providers","isPartOf":{"@id":"https:\/\/www.wellreceived.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage"},"image":{"@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png","datePublished":"2022-03-10T18:39:24+00:00","dateModified":"2025-05-30T12:00:50+00:00","author":{"@id":"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/9a9e18c82711f0e389a303838298e18d"},"description":"Find out who must follow HIPAA compliance, from doctors to business associates. Learn key rules, requirements, and how to stay compliant. Read the guide now!","breadcrumb":{"@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#primaryimage","url":"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png","contentUrl":"https:\/\/storage.googleapis.com\/wr_blog\/1\/2022\/03\/13-min.png","width":1024,"height":580,"caption":"hipaa data security"},{"@type":"BreadcrumbList","@id":"https:\/\/www.wellreceived.com\/blog\/who-needs-hipaa-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.wellreceived.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How it works","item":"https:\/\/www.wellreceived.com\/blog\/category\/how-it-works\/"},{"@type":"ListItem","position":3,"name":"Who needs HIPAA compliance?"}]},{"@type":"WebSite","@id":"https:\/\/www.wellreceived.com\/blog\/#website","url":"https:\/\/www.wellreceived.com\/blog\/","name":"WellReceived Blog","description":"WellReceived Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.wellreceived.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/9a9e18c82711f0e389a303838298e18d","name":"Terri Phillips","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.wellreceived.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cdff767c73137176cc289865683e192d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cdff767c73137176cc289865683e192d?s=96&d=mm&r=g","caption":"Terri Phillips"},"url":"https:\/\/www.wellreceived.com\/blog\/author\/terri\/"}]}},"_links":{"self":[{"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/posts\/563"}],"collection":[{"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/comments?post=563"}],"version-history":[{"count":8,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/posts\/563\/revisions"}],"predecessor-version":[{"id":1332,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/posts\/563\/revisions\/1332"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/media\/693"}],"wp:attachment":[{"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/media?parent=563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/categories?post=563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wellreceived.com\/blog\/wp-json\/wp\/v2\/tags?post=563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}