This is an important development for health care employers, as well as those companies tied to the health care industry. A government report issued this week says HIPAA enforcement is not sufficient to protect electronic protected health information and recommends more audits. The result may be more “compliance reviews,” audits, for covered entities and business associates.   Here is a link to Jackson Lewis’ privacy blog with more detail: