All covered entity organizations that handle protected health information (PHI) must follow the HIPAA Privacy Rule. Under HIPAA, PHI is individually identifiable health information that is used, maintained, stored or transmitted by a HIPAA covered entity. It is the responsibility of these organizations to safeguard all protected health information and demonstrate this through a carefully crafted HIPAA compliance plan. The covered entity could be a healthcare provider, health plan, health insurer or healthcare clearinghouse. HIPAA Associates is here to help you with you understand the HIPAA Privacy Rule in your practice.