Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

What is a HIPAA-covered entity?

A HIPAA-covered entity is an individual, organization, or agency to which the HIPAA Rules apply; covered entities include health care providers, health plans, and health care clearinghouses. 


Health care providers include those providers who electronically submit HIPAA transactions like claims. Providers include but are not limited to: 

  • Doctors
  • Clinics
  • Psychologists
  • Dentists
  • Chiropractors
  • Nursing homes
  • Pharmacies 


For HIPAA purposes, health plans include:

  • Health insurance companies
  • HMOs or health maintenance organizations
  • Employer-sponsored health plans
  • Government programs that pay for health care, like Medicare, Medicaid, and military and veterans’ health programs


Health care clearinghouses are public or private entities that process or facilitate the processing of nonstandard health information into standard data elements on behalf of other organizations.


HIPAA Rules apply to covered entities as well as business associates. If a covered entity engages a business associate to help carry out health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes what the business associate has been engaged to do, and requires the business associate to comply with HIPAA.

Related Terms

Additional resources you might like:

Comparisons and reviews
Blog
The best TPRM software for 2026

Discover the best third-party risk management software solutions for 2026.

Compliance
Events
Getting Ready for APRA CPS 230/234 Compliance

Join our Q&A-led session that will highlight the most common CPS 234 readiness questions, and explore how CPS 230 builds on these foundations.

Comparisons and reviews
Blog
The best SOC 2 compliance software for 2026

Here are the best SOC 2 compliance software platforms, including Vanta and others.

Additional resources you might like:

Comparisons and reviews
Blog
The best TPRM software for 2026

Discover the best third-party risk management software solutions for 2026.

Compliance
Events
Getting Ready for APRA CPS 230/234 Compliance

Join our Q&A-led session that will highlight the most common CPS 234 readiness questions, and explore how CPS 230 builds on these foundations.

Comparisons and reviews
Blog
The best SOC 2 compliance software for 2026

Here are the best SOC 2 compliance software platforms, including Vanta and others.

Comparisons and reviews
Blog
The best ISO 27001 compliance software for 2026

Discover the best ISO 27001 compliance software options for 2026, including Vanta.

Compliance
Blog
What is vendor compliance, and why does it matter?

Learn about vendor compliance and its key regulations and requirements across industries.

Compliance
Blog
CRI Cyber Profile: A complete guide for financial institutions

Get in-depth insights into the CRI Cyber Profile and what it means for financial institutions.

Compliance
Blog
How to choose the right AI standard: A 7-point guide

Discover the seven essential questions that help you choose an AI standard for your organization.

Compliance
Blog
Government contracting compliance 101: Everything you should know

Understand the regulations and standards government contractors must meet—and the challenges involved.

Compliance
Events
Beyond Compliance: Building a Scalable Trust Program with Vanta

Join us to see how high-growth companies use Vanta to build trust, stay audit-ready, and scale with confidence.

Get compliant and build trust—fast

Request a demo
G2 Badge Winter 2026 LeaderG2 Badge Winter 2026 Enterprise LeaderG2 Badge Milestone 'Users Love Us'