25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Adoption of Cloud Applications by the Healthcare Industry Increases Dramatically

The healthcare industry may have been slow to start using cloud applications, but over the course of the past 12 months, healthcare cloud app adoption has increased significantly. Last year, only 8% of healthcare organizations had started using cloud apps. This year that figure has jumped to 36%. Bitglass Report Shows Major Increase in Healthcare Cloud App Usage While there has been a massive jump in the adoption of cloud apps by healthcare organizations, the industry is still well behind almost all other sectors. Heavy regulation and fears about the security of the cloud has held organizations back. It is a similar story for the financial sector. Uptake has been rapid over the course of the past 12 months, but with an adoption rate of just 37.5%, it is only barely above the healthcare industry. Bitglass figures show an increase of more than 71% in adoption rates across all industries, but there are big differences between regulated and unregulated industries. Last year, 15% of organizations in regulated industries were using cloud applications. This the figure has risen to 39%....

Read More

New Study Highlights Potential Fallout After a Data Breach

The fallout after a data breach is suffered can be considerable. Consumers are willing to switch brands, and while changing healthcare provider or insurance company is not as straightforward, patients and health plan members are also willing to switch healthcare providers after a data breach. Potential Fallout After a Data Breach is Suffered State attorneys general and OCR financial penalties can be expected after a data breach is suffered that exposes the Protected Health Information (PHI) of patients and health plan members. Risk mitigation measures must be implemented, including the provision of credit monitoring and identity theft resolution services to breach victims. Breach notification letters must also be mailed. These all carry a significant cost to HIPAA-covered entities. The cost from loss of business as a result of a data breach is more difficult to predict and quantify, although the potential loss of revenue could well eclipse the cost of breach resolution measures. The potential damage that can be caused to a brand is considerable, and recovering healthcare patient...

Read More
Day Pitney Launches New HIPAA Self-Assessment Tool Ahead of Compliance Audits
Dec16

Day Pitney Launches New HIPAA Self-Assessment Tool Ahead of Compliance Audits

Hartford, Conn., Dec. 14, 2015 – – Day Pitney LLP has announced the launch of a new HIPAA Self-Assessment Tool ahead of the second round of Dept. Health and Human Services’ Office for Civil Rights HIPAA-compliance audits. New HIPAA Self-Assessment Tool Launched Day Pitney, a full service law firm employing approximately 300 attorneys in it its Connecticut, New Jersey, New York, and Washington, D.C.  offices, has developed the HIPAA Self-Assessment Tool to assist covered entities with their final compliance efforts before the audits commence next quarter. James Bowers, Day Pitney director of Compliance Risk Services and former chief compliance officer at Aetna Inc., recently pointed out that “Companies should really start self-audits as soon as possible to make sure they are in compliance with the HIPAA rules.” The HIPAA Self-Assessment Tool allows covered entities to assess their organization for potential HIPAA violations, allowing them time to take action to address any issues before they are discovered by auditors. Covered entities should already have conducted risk...

Read More

OIG Audit Reveals High Risk Security Vulnerabilities at 3 Medi-Cal MCOs

The Department of Health & Human Services Office of Inspector General has recently published the results of information system reviews conducted on three Californian Medicaid managed-care organizations (MCOs). OIG Audits Reveal 74 High Risk Security Vulnerabilities at 3 Medi-Cal MCOs The OIG audits revealed numerous, significant security vulnerabilities at the three Medi-Cal MCOs being assessed. In total, 74 high-risk security vulnerabilities were discovered across 14 separate security control areas. Many of the vulnerabilities existed at all three Medi-Cal MCOs suggesting similar security vulnerabilities may well exist at all Medi-Cal MCOs. Each of the vulnerabilities had potential to place patient data at risk of exposure. In some cases, the security vulnerabilities were extremely serious. The vulnerabilities were categorized into three broad areas: Access controls, security management and configuration management. Access Management Controls Access controls included password and login controls, database security controls, the use of backup storage media, and portable device...

Read More
$750,000 HIPAA Fine for University of Washington Medicine
Dec14

$750,000 HIPAA Fine for University of Washington Medicine

The University of Washington Medicine has agreed to settle with the Department of Health and Human Services’ Office for Civil Rights and will pay a HIPAA fine of $750,000 for potential HIPAA violations stemming from a 90,000-record data breach suffered in 2013 A flurry of HIPAA Enforcement Activity as 2015 Draws to a Close There has been a flurry of HIPAA enforcement activity over the past few weeks. First came news of a $90,000 settlement between the Connecticut OIG and Hartford Hospital in late November, then news of a $850,000 settlement between OCR and Lahey Hospital and Medical Center. That was closely followed by the announcement of a $3.5 million settlement between OCR and Tripe-S of Puerto Rico, and now the University of Washington Medicine has agreed to settle potential HIPAA violations with OCR. Spam Email Behind 90,000-Record Data Breach On November 27, 2013, the University of Washington Medicine alerted OCR to a data breach that exposed the Protected Health Information (PHI) of approximately 90,000 UWM patients. The data breach occurred as a result of an employee...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist