CMS has a released a fact sheet on HIPAA Privacy and Security basics for providers. Designed to provide education on covered entities and Business Associates under the HIPPA Privacy Rule.

Examples of a Covered Entity would be:

  • Doctors
  • Clinics
  • Psychologists
  • Dentists
  • Chiropractors
  • Nursing Homes
  • Pharmacies
  • Health Plans
  • Clearing houses
  • Any person or organization assisting in transmitting a transaction in electronic form, which HHS has adopted a standard for.

A Business Associate is a person or organization involved with the Covered Entity that creates, receives, maintains or transmits PHI on behalf of the Covered Entity. A Business Associate may also include several other contractors or subcontractors such as accountants, consultants or any kind of management involved in the use or disclosure of PHI.

For more information, as well as a list of resources and links to additional information from HHS Office for Civil Rights (HHS administers and enforces the HIPPA Privacy and Security Rules) visit