Biometrics Direct - Your source for fingerprint biometric security products for home and business.  Biometric door locks, fingerprint USB security and PC biometric login

View Cart | Home | Support | News | Policies | Resellers | Contact Us | Sitemap |  

Contact Us Toll Free in the USA - 1-800-519-8800
Direct and International Support - +1 206-973-2137

Home Products iQBioBlog Where to Buy Support Smart Cards Card Printing ID Cardz ASG Global
Biometrics Direct - Your Source for Fingerprint Biometric Security Products for Home, Travel and Office
iQBio - "Unlock the Power of Your Print"

Site Navigation

Physical Access Control
iGuard IP Appliance

PC & Network Access
BioCert PC Peripherals
ACS Smart Card

Developer Products
ACS Development Kits
- Smart Cards
- Smart Card & Bio

Biometric Solutions

Other Products
ACS Smart Cards
Smart Card Supply
Card Five ID Software
PVC ID Card Products
Pebble ID Printer
Quantum PVC Printer
DNP Reverse Printers

Biometrics Education
Biometrics FAQ
Biometric Terms
Biometrics 101
US Biometrics Laws
Your Data in the Wild
2006 Data Breaches
2007 Data Breaches

Personal Privacy Risk
Biometrics Links


Toll Free & Int'l VOIP
with "Follow Me" Service


Overview of HIPAA
Privacy Standards
US HHS Privacy Brief
Security Standards
Security Guide for IT
Requirements for Data
Does it Affect Me?
HIPAA Non-Compliance
Filing HIPAA Complaint
BioCert® for HIPAA

HHS & CMS Guides


This version includes COMPANY NOTES from Biometrics Direct Commentary
James Childers - CEO of ASG - My NOTES will be highlighted

Who is affected by HIPAA?

The law applies directly to three groups referred to as “covered entities.”  Under HIPAA, this is a health plan, a health care clearinghouse, or a health care provider who transmits any health information in electronic form in connection with a HIPAA transaction. Also see Part II, 45 CFR 160.103.

  • Health Care Providers: Any provider of medical or other health services, or supplies, who transmits any health information in electronic form in connection with a transaction for which standard requirements have been adopted.

  • Health Plans: Any individual or group plan that provides or pays the cost of health care.

  • Health Care Clearinghouses: A public or private entity that transforms health care transactions from one format to another.

HIPAA, however, indirectly affects many others in the health care field. For instance, software billing vendors and third party billing services that do not qualify as clearinghouses or some other covered entity, are not covered by HIPAA. They may however need to change their business operations if they are trading partners or business associates of a covered entity.

This is Where The Definitions Get "Sticky"...  Business Associates - what is a "Business Associate"?

A Business Associate is an individual or entity that receives protected health information (PHI) from a covered entity, such as a medical practice, so that the business associate may perform services or functions, or assist in the performance of services or functions, on behalf of the covered entity. HIPAA mandates the covered entity require a Business Associate to sign a Business Associate Agreement (BAA).

This agreement pulls parties that normally do not fall under the definition of a covered entity right into the HIPAA water. The agreement requires the BA to offer the same protection of the data as the covered entity must and it is a contract enforceable in court. If the BA does not sign the agreement or fails to protect the data, HIPAA requires the covered entity to terminate relationship with the BA. Bottom line is BA's must follow the same guidelines as a covered entity. A BAA can also be an addendum to an existing business agreement and does not have to be separate.

What are some examples of Business Associates?

  • Lawyers
  • Accountants
  • Consultants
  • Billing Companies
  • Collection Agents
  • Practice Managers
  • Medical Transcription Service
  • IT Support Services
  • Computer Repair
  • Help Desk Outsourcing

An employee of the covered entity or a member of the covered entity's own workforce is not considered a business associate. Independent contractors are Business Associates. Also, other health care providers to whom covered entities disclose PHI for treatment purposes are considered business associates, too. This includes other covered entities as well as those not directly affected by HIPAA.

Business Associates need to demonstrate "HIPAA Compliance" by going through the same processes that a covered entity must. This means setting up a manual for HIPAA policies & procedures and training employees and implementing the PRIVACY STANDARD.


Copyright © 2002-20012 Artemis Solutions Group, Use of this site or purchase subject to these Terms and Conditions of use.
Some images used on this website are Copyright (c) Comstock and used under license.