Effective November 2011 the Government will start conducting HIPAA compliance audits. This program has been launched by the Officer for Civil Rights at HHS to test compliance by hospitals, office-based physicians, health plans and other “covered entities” with privacy and security rules under HIPAA. The audit program is one of the initiatives mandated by the American Recovery and Reinvestment Act of 2009. The program officially started Nov 4 with notification letters to 20 covered entities that had the honor of been the first ones audited. This is like playing the lotto without buying any tickets as all covered entities and business associates are eligible to be audited. As many as 120 covered entities and business associates will be audited before the end of the month. I have been saying it all along that HIPAA compliance is no longer having policies and posting the Notice of Privacy Practices. There are training, notification and audit requirements that must take place throughout the year. Granted, the audit program just started so your chances of been selected at this time are minimum, however, you don’t want to be a statistic as the one found non-compliant and paying fines for your negligence.