Are You HIPAA Compliant?

One question I have heard repeatedly since I arrived at CDPAANYS is, “Am I a covered entity under HIPAA?”  Like everything else in CDPA, FIs handle confidential patient information, so we are covered.  However, FIs do not provide a medical service and are not a health care provider, so we are not covered.

What is the answer?

Well, for better or worse, there is now a concrete answer.  If you have signed an Administrative Agreement with a managed care plan, you ARE a covered entity.

The Administrative Agreement states in section 16 that “Each party understands the other Party to be a covered entity, as that term is defined by the Health Insurance Portability and Accessibility Act (“HIPAA”)…”

Therefore, by signing the Administrative Agreement, you declared yourself a covered entity.

If you have not been treating yourself as a covered entity in the past – it is time to start.

Leave a Reply