HIPAA compliance is not a onetime event. Once you have achieved HIPAA compliance, you are not nished with your eorts. You must now work to ensure your organization stays compliant, and this can be the hard part. is may become especially challenging in environments where there are many facilities in dierent locations and businesses that have very complex information systems. Even smaller covered entities (CEs) and business associates (BAs) that have the talent resources to do things properly can struggle.