This article reviews successful strategies in preparing for HIPAA Privacy compliance. There are ongoing challenges organizations will face after the compliance date, such as managing research issues, identifying all business associates and managing the accounting of disclosures process. Finally, health information professionals must play an active role in ensuring that patient information is protected, while providing appropriate access as new uses for information are developed.