On March 21, 2016, Health and Human Service’s Office for Civil Rights (“OCR”) announced the launch of the second round of national HIPAA audits. These audits are focused on covered entities (health plans and health care providers) and business associates (e.g., brokers, TPAs). The audits will target enforcement of HIPAA Privacy, Security and Breach Notification rules. OCR plans to conduct desk and onsite audits for both covered entities and their business associates. The first set of audits will be desk audits of covered entities followed by a second round of desk audits of business associates. OCR intends to complete desk audits by the end of December 2016.