Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on HIPAA. Moving into 2020, organizations with health data should be aware of: Shifting OCR enforcement priorities, regulators’ continued attention to key HIPAA compliance activities, the changing threat landscape for health data, and new guidance and frameworks for health data not regulated by HIPAA.