What Industries Does HIPAA Affect? 

HIPAA affects a number of industries within and outside of the medical field.

  • HIPAA covers health care providers, including doctors, clinics, psychologists, dentists, chiropractors, nursing homes, and pharmacies. However, HIPAA only applies to these industries in the event that they transmit information electronically by a means for which HHS has already established a standard.
  • HIPAA covers health plans, meaning health insurance companies, company insurance plans, and government programs such as Medicare, Medicaid, and military health care programs.
  • Health care clearinghouses are also required to be HIPAA compliant. This includes businesses that process health information received from other businesses, for instance, for billing facilitation.

Further, these industries are also affected, as of the 2009 HITECH act and the 2013 Final Omnibus Rule that requires business associates to also be strictly HIPAA compliant:

  • Data processing firms/software companies that are exposed to protected health information (PHI)
  • Medical equipment service companies that handle equipment that contains PHI
  • Shredding and document storing companies
  • Consultants hired to perform audits
  • Lawyers
  • Technology companies
  • Software companies
  • Professional translators
  • Answering services
  • Accreditation agencies
  • e-prescribing services
  • Medical transcription services
  • Any company that creates, maintains, or transmits PHI

Here's a question and answer tool provided by HHS to easily determine whether or not you are a "covered entity".