• Engage in certain covered transactions on behalf of clients with third party
payers (insurance companies, HMOs, etc)
• AND who engage in those transactions electronically.
• Once a health care provider sends or receives covered transactions
electronically, that provider is forever after a covered entity and must
comply fully with all HIPAA rules and requirements with all patients.