25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Davies, McFarland & Carroll; Awakenings Center Data Breaches Impact 72,500 Individuals
Dec10

Davies, McFarland & Carroll; Awakenings Center Data Breaches Impact 72,500 Individuals

Data breaches have been announced by the medical malpractice law firm Davies, McFarland & Carroll, the sex therapy and couples counseling provider Awakenings Center, and the Maryland healthcare provider, Adventist HealthCare. Davies, McFarland & Carroll, Pennsylvania Davies, McFarland & Carroll LLC, a Pittsburgh, PA-based law firm specializing in medical malpractice, has experienced a significant data breach involving unauthorized access to the sensitive information of 54,712 individuals. Davies, McFarland & Carroll is a business associate of HIPAA-covered entities and is provided with access to protected health information to provide its legal services. On or around May 22, 2025, a network intrusion was detected. External cybersecurity experts were engaged to investigate the incident and confirmed that an unauthorized third party had access to its network from May 19, 2025, to May 22, 2025, during which time files containing sensitive data were either viewed or acquired. The forensic investigation and file review concluded on September 25, 2025, when it was...

Read More
Data Breaches Announced by Morton Drug Company & Physicians to Children & Adolescents
Dec10

Data Breaches Announced by Morton Drug Company & Physicians to Children & Adolescents

Data breaches have been announced by Morton Drug Company in Wisconsin, Physicians to Children & Adolescents in Kentucky, and the Center for Urologic Care of Berks County in Pennsylvania. Across the three incidents, the protected health information of more than 50,000 patients was exposed. Morton Drug Company, Wisconsin Morton Drug Company (Morton LTC), a Wisconsin-based pharmacy specializing in long-term care, has recently disclosed a security incident that has affected 40,051 individuals. The incident impacted its IT systems and was detected on or around August 20, 2025. Third-party cybersecurity experts were engaged to investigate, contain, and remediate the incident, and law enforcement was notified. Unauthorized network access was confirmed, and a review was conducted to determine the extent to which sensitive data had been exposed. On or around October 21, 2025, Morton LTC determined that patient data had been exposed and may have been stolen. The types of data involved vary from individual to individual and may include name in combination with address, prescription...

Read More
Building a Stronger Compliance Program With Software
Dec09

Building a Stronger Compliance Program With Software

Healthcare compliance software is a comprehensive management tool that helps professional compliance officers to effectively oversee compliance efforts across their organization’s facilities, by proactively managing risk, streamlining workflows, improving collaboration, and demonstrating the achievement of compliance objectives to stakeholders. What Are The Benefits Of Healthcare Compliance Software? For a compliance pro, the benefits of compliance software are: 1. Increased Visibility: Compliance software provides real-time visibility into compliance activities across sites, including incident management, allowing the chief compliance officer to monitor progress, track key metrics, and identify areas that require attention, on a per site and per employee basis. This increased visibility and granularity enhances the chief compliance officer’s ability to effectively oversee compliance efforts across the organization. 2. Streamlined Workflows: Compliance software automates many administrative tasks related to compliance management, such as tracking compliance activities,...

Read More
Bill Reintroduced to Strengthen Healthcare Cybersecurity
Dec09

Bill Reintroduced to Strengthen Healthcare Cybersecurity

A bipartisan quartet of Senators has reintroduced the Health Care Cybersecurity and Resiliency Act of 2025 in another attempt to bolster privacy and healthcare cybersecurity. The Health Care Cybersecurity and Resiliency Act of 2025 was introduced by Senate Health, Education, Labor, and Pensions (HELP) Committee Chair Bill Cassidy (R-LA), and was co-sponsored by Sens. Mark Warner (D-VA), Maggie Hassan (D-NH), and John Cornyn (R-TX). The bill is the product of a bipartisan healthcare cybersecurity working group established in 2023, and it is largely unchanged from its first iteration, the Health Care Cybersecurity and Resiliency Act of 2024, which was introduced in November 2025 with little time for consideration before Congress adjourned at the start of this year. Cyberattacks on healthcare organizations have steadily increased over the past decade, with a significant uptick in recent years. In each of the past four years, more than 700 data breaches have been reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), with large data breaches now...

Read More
What is 42 CFR Part 2?
Dec09

What is 42 CFR Part 2?

42 CFR Part 2 is a set of federal regulations that protects the confidentiality of substance use disorder patient records created, received, maintained, or transmitted by a federally assisted Part 2 program or by a lawful holder of the information. The purpose of the regulations is to reduce stigma and discrimination associated with substance use disorders by ensuring sensitive information is not disclosed without consent.  At the start of the 1970s, Congress recognized that drug abuse was rapidly increasing and affecting urban, suburban, and rural communities. As part of a long-term national strategy, Congress passed a series of Acts to combat drug and alcohol abuse through prevention, treatment, rehabilitation, education, and law enforcement.     Recognizing that, if it were known that patients were seeking help for substance use disorders, they may experience personal, professional, and legal consequences, Congress also instructed the Secretary of Health and Human Services to develop regulations to protect the confidentiality of patients in federally assisted programs.   The...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist