Drexel University Clinical Covered Entities
HIPAA Privacy and Security Program
Consistent with the requirements as set forth in 45 C.F.R. §§ 164.103 and 164.105 as related to HIPAA and HITECH, Drexel University is one legal entity, specifically a hybrid entity. A hybrid entity includes both covered and non-covered functions, and designates its health care components as provided in the Privacy Rule. If a covered entity is a hybrid entity, the Privacy Rule generally applies only to its designated health care components. However, non-health care components of a hybrid entity may be affected because the health care component is limited in how it can share PHI with the non-health care component.
Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.
HIPAA Privacy Policies and Procedures
Notice of Privacy Practices
Administrative Safeguard Policies
Physical Safeguard Policies
Technical Safeguard Policies
Back to Top