Chapter 3: Do I Need to be HIPAA compliant?
This is the most important question you can ask, because HIPAA violations can result in some serious penalties.
If you handle, store or transmit protected health information (PHI) to or from a covered entity then you need to be HIPAA compliant.
If you skipped straight here and don't know what PHI is, read this part of the guide.
Who needs to be HIPAA compliant?
The short answer is that the HIPAA rules apply to both Covered Entities and their Business Associates. HHS.gov
In chapter 2, we explain the role of covered entities and business associates. Learn more about HIPAA by reading our resources.