25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

The Slow Pace of Technology Adoption in Healthcare Explained

When it comes to implementing new technology, the healthcare industry lags behind every other industry sector. It is a well-known fact that the industry appears to resist change, even when those changes stand to significantly benefit patients. In an age of Smartphones, tablets, and the Internet of Things, many people would be amazed to find out that archaic communication methods such as pagers and faxes not only still exist, but are extensively used throughout the healthcare industry. In some cases, the new technology now being introduced by healthcare providers was first introduced in other industry sectors many years ago. There are very good reasons why the pace of change is so much slower in the healthcare industry rather than, say, the financial sector or manufacturing industry. Itamar Kandel, Chief Strategy Officer of TigerConnect, is well aware of the slow pace of change. During his time working with healthcare organizations at VERITAS Software and more recently at TigerConnect, he discovered the reasons why adoption of new technology is slow, even when technology can clearly...

Read More
Raytheon|Websense Rebrands as Forcepoint
Jan14

Raytheon|Websense Rebrands as Forcepoint

Raytheon|Websense has recently been rebranded. From January 14, 2016 the company will be known as Forcepoint. Forcepoint combines the cybersecurity products of Websense, which was acquired by Raytheon in May 2015, Raytheon – a major U.S. defense contractor, and the next generation firewall solutions of Stonesoft and Sidewinder, which were acquired from Intel Security this month. Forcepoint is a joint venture between Raytheon and Vista Equity Partners. The acquisitions which allow the company to provide a wide range of cybersecurity solutions to address the ever-evolving threat landscape through the transformative technologies of the cloud, mobility and IoT. The company is providing a cloud-centric platform that will safeguard data, networks, and end users. The combination of all services under the same brand will help the firm eliminate some of the inefficiencies of managing separate collections of cybersecurity products. The products of all companies will be combined into a platform solution that offers protection from internal and external threats, combining next generation...

Read More

Beware of Medical Device Ransomware in 2016 Warns Forrester Research

The spate of data breaches suffered by HIPAA-covered entities is set to continue in 2016 according to predictions by security experts. Malware and phishing attacks on healthcare providers are likely to continue to be used to obtain PHI from healthcare providers this year. While phishing and social engineering was used to gain access to data last year (Anthem, Premera), ransomware attacks have not plagued the healthcare industry, even though the use of the malicious software has grown. Hackers have preferred attacking healthcare providers for the data they hold rather than locking computers and demanding a ransom. Far greater rewards can be gained from obtaining millions of healthcare records than from locking a handful of computers. However, that does not mean that ransomware is not a problem, in fact, research and advisory company Forrester Research has predicted that ransomware attacks are going to be more of a problem in 2016, and the company believes that medical devices and wearables will be targeted. If the prediction turns out to be true, medical devices could be attacked...

Read More
Upgrade Internet Explorer to Remain HIPAA Compliant
Jan11

Upgrade Internet Explorer to Remain HIPAA Compliant

On Wednesday January 12, 2016., Microsoft will be stopping support and security updates for Internet Explorer 8, 9 and 10. All users of Internet Explorer must therefore upgrade to Internet Explorer 11, or make the switch over to Microsoft Edge in order to continue receiving support, security updates, and patches. 18 months ago, Microsoft announced that its internet browser updates for IE8, IE9, and IE10 would be stopping. Any user who has not yet upgraded now has just two days left before their browser officially becomes obsolete. Whenever software is discontinued and support and security patches are stopped, that software becomes a security risk. Vulnerabilities are discovered that are not patched, and hackers are likely to be able to take advantage. Microsoft recently issued a warning saying continued use of IE 10, 9 and 8 would leave individuals “at risk of viruses and other malicious software that exploit security flaws and bugs in the browsers.” Figures from Netmarketshare.com and Duo Security put the number of Internet Explorer users with IE10 and below installed at between...

Read More

A Year of HIPAA Enforcement: OCR HIPAA Penalties Issued in 2015

In its capacity as enforcer of the Health Insurance Portability and Accountability Act (HIPAA) Rules, the Department of Health and Human Services’ Office for Civil Rights (OCR) can issue fines to HIPAA-covered entities that fail to implement sufficient safeguards to keep the Protected Health Information (PHI) of patients and health plan members secure. OCR has been criticized in recent years for an apparent lack of enforcement, specifically for failing to issue financial penalties for clear violations of the HIPAA Privacy, Security, and Breach Notification Rules by HIPAA-covered entities. Covered entities are required to self-report data breaches to OCR under the Breach Notification Rule of 2009, and all data breaches that expose the PHI of more than 500 patients are investigated. Sometimes, those data breaches occur even when covered entities have implemented all of the administrative, technical, and physical controls that are required by the HIPAA Security Rule. However, in many cases, data breaches are suffered as a result of HIPAA failures. In such cases, action is taken by OCR...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist