The IRS audits about 1.5% of all tax returns that are filed. Looked at another way, there is a 98.5% chance that the IRS will not audit your return. Yet even with this very low percentage of people that get audited, most people are very frightened that they will be one of the unlucky individuals. Does this fear make them more honest on their taxes? I am not sure what the impact of this fear is but I would guess that it does.
The fear of the IRS does not carry over to the fear of the Department of Health and Human Services (HHS) or the Office of Civil Rights (OCR) who is charged with HIPAA enforcement. Most healthcare organizations are not compliant with HIPAA regulations. Most likely the lack of enforcement over the past few years have given healthcare organizations a sense of security that they will not be audited or fined for not being compliant with HIPAA.
So as OCR starts to increase its enforcement of the HIPAA regulations, will organizations start to fear audits like they do with the IRS? Will this fear drive them to take HIPAA and patient security more seriously? Based on the fear of the IRS, I would have to say that there is a good chance increased enforcement will lead to more HIPAA compliance.
What do you think?