Explosive growth in digital health over the last few years means there are many developers and managers who haven’t worked under HIPAA before. This guide is written for startups (and small businesses operating online) who could use some help with the basics of HIPAA compliance.
(a) Except as otherwise provided, the standards, requirements, and implementation specifications adopted under this part apply to the following entities:
(1) A health plan.
(2) A health care clearinghouse.
(3) A health care provider who transmits any health information in electronic form in connection with a transaction covered by this subchapter.
(b) Where provided, the standards, requirements, and implementation specifications adopted under this part apply to a business associate.
[68 FR 8375, Feb. 20, 2003, as amended at 78 FR 5692, Jan. 25, 2013]