> it's about whether they transmit specific HIPAA "transactions" electronically.
That's correct, but if you don't accept insurance then you will not transmit anything that meets the criteria to be covered by HIPAA. At least, in terms of being a provider. Things are different if you're a health plan or clearing house.
I spent a lot of time and money questioning this with lawyers at a health tech startup I previously worked at. The underlying reality is nearly the entire US healthcare system falls under HIPAA because nearly everyone wants to accept insurance. However, if you're a doctor running a cash-only business you will not be a covered entity, even if you send PHI electronically.
That's correct, but if you don't accept insurance then you will not transmit anything that meets the criteria to be covered by HIPAA. At least, in terms of being a provider. Things are different if you're a health plan or clearing house.
I spent a lot of time and money questioning this with lawyers at a health tech startup I previously worked at. The underlying reality is nearly the entire US healthcare system falls under HIPAA because nearly everyone wants to accept insurance. However, if you're a doctor running a cash-only business you will not be a covered entity, even if you send PHI electronically.