HIPAA
Home Contacts Site Map
Common HIPAA definitions
Up

Common HIPAA definitions

Covered Entity

An entity which is regulated by HIPAA.  Covered entity means: (1) A health plan. (2) A health care clearinghouse. (3) A health care provider who transmits any health information in electronic form in connection with a transaction specified in the HIPAA regulations.

De-identified Health Information see this page
HHS The US Department of Health and Human Services - the authors of HIPAA Administrative Simplification regulations
Health Care

Health care means care, services, or supplies related to the health of an individual. Health care includes, but is not limited to, the following: (1) Preventive, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care, and counseling, service, assessment, or procedure with respect to the physical or mental condition, or functional status, of an individual or that affects the structure or function of the body; and (2) Sale or dispensing of a drug, device, equipment, or other item in accordance with a prescription.

Health Care Provider

Health care provider means a provider of services (as defined in section 1861(u) of the Act, 42 U.S.C. 1395x(u)), a provider of medical or health services (as defined in section 1861(s) of the Act, 42 U.S.C. 1395x(s)), and any other person or organization who furnishes, bills, or is paid for health care in the normal course of business.

Health Information

Health information means any information, whether oral or recorded in any form or medium, that:
(1) Is created or received by a health care
provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and
(2) Relates to the past, present, or future
physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual.

HIPAA Health Insurance Portability and Accountability Act
Individually Identifiable Health Information

Individually identifiable health information is information that is a subset of health information, including demographic information collected from an individual, and:
(1) Is created or received by a health care
provider, health plan, employer, or health care clearinghouse; and
(2) Relates to the past, present, or future
physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and
(i) That identifies the individual; or
(ii) With respect to which there is a
reasonable basis to believe the information can be used to identify the individual.

OCR The US Office of Civil Rights - responsible for enforcement of the HIPAA Privacy regulations
Protected Health Information

Protected health information means individually identifiable health information:
(1) Except as provided in paragraph (2) of
this definition, that is:
(i) Transmitted by electronic media;
(ii) Maintained in any medium described
in the definition of electronic media at 162.103 of this subchapter; or
(iii) Transmitted or maintained in any
other form or medium.
(2)
Protected health information excludes individually identifiable health information in:
(i) Education records covered by the
Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g;
(ii) Records described at 20 U.S.C.
1232g(a)(4)(B)(iv); and
(iii) Employment records held by a
covered entity in its role as employer.

   
   
   
 

This material is designed for internal University at Buffalo use only and is copyrighted.  Information and documents available on this site may be freely copied and used with appropriate attribution to the University at Buffalo.  None of the information on these pages should be construed as legal advice or expert opinion with respect to how any particular function or entity engages in work to come into compliance with HIPAA.
Last updated: July 28, 2009.  Privacy Policy
Hit Counter