25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Did Siobhan Dunnavant Violate HIPAA? Senate Candidate Investigated by OCR

A complaint has been sent to the Department of Health and Human Services’ Office for Civil Rights regarding a Republican State Senate Candidate who sent a mailing to her patients to notify them of her intention to stand for office, and to solicit assistance with her campaign. Questions have been raised about whether Dr. Siobhan Dunnavant violated the Health Insurance Portability and Accountability Act’s (HIPAA) Privacy Rule by doing so. Did Siobhan Dunnavant Violate HIPAA? Dr. Dunnavant used her patient database to obtain the contact information of her patients, and subsequently sent emails and a letter announcing her candidacy, in an apparent effort to secure votes, contributions and volunteers to help her with her campaign. Emails and letters are to be expected from a state senate candidate; however due to the strict rules covering the use of patient information under HIPAA, Dr. Dunnavant may have violated HIPAA Rules by doing so. Dr. Dunnavant also emailed her patients on three separate occasions in the run up to the primary elections in June. HIPAA Rules cover a number of...

Read More
Privacy and Security of Personal Wellness Data: CEA Releases New Private Sector Guidelines
Nov03

Privacy and Security of Personal Wellness Data: CEA Releases New Private Sector Guidelines

Wearable technology has proved popular with consumers, yet numerous questions have been raised about the privacy and security of personal wellness data collected, stored and transmitted by the devices. The Consumer Electronics Association (CEA) is well aware of the potential benefits of the devices, and also the risks of the privacy of users of the devices being violated. Currently the metrics recorded by the devices are limited, although there is considerable potential for devices to be developed that record a huge volume of data collected from consumers: Data that is actively recorded by the devices or entered in by users. Currently there are few privacy and security controls covering data privacy and security, and consequently, considerable variation in those implemented by device manufacturers. As the volume of data recorded grows, so too will the privacy risk. Now is therefore the time to start building security and privacy controls into the devices, yet many manufacturers of wearable technology are unsure about how best to secure data and protect the privacy of users....

Read More

Answers Demanded From Dept. Veteran Affairs After Social Security Numbers Exposed

The Department of Veteran Affairs (VA) has come under the spotlight again following an investigation conducted by News 3 reporters into a privacy breach that exposed the Social Security numbers of numerous veterans. The investigation revealed that veterans’ Social Security numbers had been sent via unencrypted email on a number of occasions, violating the privacy of veterans in addition to breaching federal regulations. The news report has prompted two Wisconsin senators to demand answers over the privacy breaches.   The News 3 investigation concerned a privacy incident that occurred in April of this year. An employee of the Wisconsin Department of Veteran Affairs was discovered to have emailed hundreds of Social Security numbers to an individual who was not authorized to receive the data. The email in question was sent to Mr. Terry Everson, a Wisconsin veteran, on April 1. Upon opening the attachment, Everson saw a list of unhyphenated nine digit numbers.  Approximately 400 Social Security numbers were listed in the attachment. The VA was promptly notified of the apparent...

Read More

BeHealthy Mailing Error Sees PHI Printed On Outside of Envelopes

Florida-based BeHealthy Health Plan has inadvertently exposed the health insurance claim numbers of 835 subscribers after a mailing error resulted in the data being printed on the outside of envelopes. The mailing of benefit information packets took place on September 23, 2015, with the first complaints alerting the health plan to error being received 5 days later. The privacy breach affects members of the BeHealthy Medicare Advantage Plan who live in Manatee and Sarasota counties. The exposure of a single data element such as the insurance claim number would not typically be a major cause for concern; however, in this case the health insurance claim numbers included the Social Security numbers of plan members. Since the letters also contained the names and addresses of subscribers to the health plan, it is conceivable that this information could be used inappropriatel; should any of the letters have been intercepted. Any exposure of Social Security numbers is a serious matter, and BeHealthy has responded accordingly. All affected individuals have been offered a year of identity...

Read More

Over Half of IT Security Pro’s Do Not Believe They Will be Targeted by Hackers

Major cyberattacks have been suffered by a number of HIPAA-covered entities this year. The frequency of cyberattacks on healthcare providers and insurers has increased. However, over half of IT security professionals do not believe their organization will become a victim of a cyberattack, according to a new report issued by the Ponemon Institute. Should this belief turn out to be true it is great news, as 61% of IT pros do not believe their organization is well prepared to deal with a cyberattack if one does occur. If they are wrong, it is very bad news indeed. Cybersecurity Survey Produces Worrying Results   The results of the Ponemon survey are worrying. Evidence suggests cyberattacks on healthcare providers have increased, and the volume of records exposed in those attacks has spiraled this year. Unfortunately, despite the increase in attack frequency and severity, HIPAA-covered entities do not appear to be doing much to counter the threat according to the report. IT security professionals were asked what measures they were planning to deploy over the coming 12 months, and...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist