Ask the Expert

How to determine if you're responsible for meeting HIPAA requirements

I am trying to understand who is a covered entity under HIPAA. We are a large corporation that is self-insured that has contracted with several health plans and a private benefit administration firm for our health benefits. Is our corporation expected to meet HIPAA because we are self-insured?

    Requires Free Membership to View

In a nutshell, if your plan pays for the cost of medical care and/or submits health care transactions electronically, you might very well be considered a health plan that is a covered entity under HIPAA. I recommend that you check out the following Covered Entity Decision Tools page provided by the Centers for Medicare and Medicaid Services:

Also, the American Medical Association has a "Who must comply test" that can provide you with some general guidance as well. Check it out at:

For more information on this topic, visit these other resources:
  • Ask the Expert: When to seek legal consultation for HIPAA
  • Ask the Expert: Who will enforce HIPAA?
  • Best Web Links: Securing Health Care/Health Services

    This was first published in March 2003

  • There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: