Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

Blogs

Events

Glossary

Guides and reports

What is a HIPAA-covered entity?

‍

A HIPAA-covered entity is an individual, organization, or agency to which the HIPAA Rules apply; covered entities include health care providers, health plans, and health care clearinghouses.

Health care providers include those providers who electronically submit HIPAA transactions like claims. Providers include but are not limited to:

‍

Doctors
Clinics
Psychologists
Dentists
Chiropractors
Nursing homes
Pharmacies

For HIPAA purposes, health plans include:

‍

Health insurance companies
HMOs or health maintenance organizations
Employer-sponsored health plans
Government programs that pay for health care, like Medicare, Medicaid, and military and veterans’ health programs

Health care clearinghouses are public or private entities that process or facilitate the processing of nonstandard health information into standard data elements on behalf of other organizations.

HIPAA Rules apply to covered entities as well as business associates. If a covered entity engages a business associate to help carry out health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes what the business associate has been engaged to do, and requires the business associate to comply with HIPAA.

Related Terms

Additional resources you might like:

Compliance

Events

Navigating Fintech Compliance in an Evolving Regulatory Landscape

Join Vanta and Codat for a deep-dive on how to future-proof your fintech’s compliance strategy and transform it into a competitive advantage.

Comparisons and reviews

Blog

Why enterprise leaders choose Vanta over Drata to prove and manage trust

Learn how Vanta is uniquely equipped to meet the needs of large, complex organizations.

GRC

Events

The New Growth Playbook: How GRC Unlocks Trust and Speed at Scale

Join experts from Vanta, and Sensiba for a practical discussion on how to evolve your approach to risk and compliance — turning it from a blocker into a business accelerator.

SOC 2

Events

Demo: Automating Compliance for SOC 2, ISO 27001, HIPAA, and More

Join our demo to learn how Vanta helps organizations streamline compliance for frameworks like SOC 2, ISO 27001, HIPAA, and more.

Vendor Risk Management

Events

Demo: Navigating Third-Party Risk Through Vanta’s Vendor Risk Management

Watch this on-demand demo to learn how Vanta’s Vendor Risk Management solution automates and streamlines security reviews so that you can spend less time on repetitive work and more time strengthening your security posture.

GRC

Events

Turning Chaos Into Clarity: Continuous Security at Scale

Watch this on-demand demo to learn how automated, continuous trust management replaces manual processes, helps you stay audit-ready, strengthens risk insights, and turns your GRC program into a business advantage.

SOC 2

Events

Demo: Automating SOC 2, ISO 27001 & More with Vanta

Watch this on-demand demo that will showcase how Vanta simplifies compliance, centralises security workflows, and automates evidence collection across 35+ frameworks like SOC 2, ISO 27001 and more.

GRC

Events

The New Rules of Trust: Compliance, Risk, and AI

Watch on-demand as Ashish Rajan, CISO at Kaizenteq (and host of the Cloud Security Podcast), and Faisal Khan, GRC Subject Matter Expert at Vanta have a tactical conversation on what it really takes to mature compliance, risk, and trust in the age of AI.

Compliance

Guide / Report

The ultimate guide to FedRAMP: A requirements guide for authorization

Learn about FedRAMP authorization, from impact levels to compliance steps, to unlock opportunities with U.S. federal agencies.

Follow us

What is a HIPAA-covered entity?

Related Terms

Additional resources you might like:

Additional resources you might like:

Get compliant and build trust—fast