The Health Insurance Portability and Accountability Act (HIPAA) and its regulations have existed for over twenty years. Although most health care providers are familiar with its requirements, most health care providers are less familiar with the ways in which HIPAA is enforced. They are likewise unaware of how HIPAA investigations are initiated, the processes they follow, nor the types of information the Department of Health and Human Services’ Office for Civil Rights (OCR) requires in the course of an investigation. Many also fear the imposition of stiff penalties, likely as a result of seeing headlines about multi-million dollar settlements by other providers. In “HIPAA Enforcement On the Books and In Practice: When It all Goes Wrong,” Dan addresses HIPAA enforcement, explaining both the regulatory provisions that govern it, and how that enforcement plays out in practice. In addition to explaining the enforcement rule and how the OCR actually employs it, Dan also offers practical guidance based on personal experience in helping clients navigate HIPAA breaches without having to pay penalties or enter into settlement agreements.