As that link states, HIPAA extends to "business associates". Google isn't a "covered entity" as that has a specific definition, but it is a business associate in relation to a covered entity (e.g. health care providers). The reason for the two different terms is because covered entities deal with patients directly, thus have certain rules that only apply to them in relation to interacting with said patients. Since Google is a business associate that does not directly interact with patients, only the rules specifically in relation to PHI and other business activities apply as others (e.g. patient interaction) are moot.
Protected Health Information is protected under HIPAA for both covered entities and business associates alike. Otherwise, HIPAA would be pointless if covered entities could just pass the PHI to business associates or shell companies unfettered.
Note: I would not consider myself a "HIPAA expert", but I'm a clinical researcher that has to ensure HIPAA compliance for my lab.
Protected Health Information is protected under HIPAA for both covered entities and business associates alike. Otherwise, HIPAA would be pointless if covered entities could just pass the PHI to business associates or shell companies unfettered.
Note: I would not consider myself a "HIPAA expert", but I'm a clinical researcher that has to ensure HIPAA compliance for my lab.