25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Systema Software Data Breach: 1.5M+ Medical Records Accessible via AWS

Insurance claim data and other highly sensitive information were inadvertently posted on Amazon Web Services after an error was made by a contractor of Systema Software; a Business Associate of a number of HIPAA-covered health insurance providers. Systema Software was responsible for processing claims for a number of U.S insurance companies. The data exposed in the Systema Software data breach included Social Security numbers, insurance claim information, drug test results, details of medical services provided – and dates of treatment – billing amounts, and unique payment and claimant ID numbers. Personal information was also exposed which ties the records to specific individuals. The data also included details of claims that had been approved and rejected by insurance companies, as well as details of how those insurance carriers were expecting to defend certain claims. The data breach was discovered by tech enthusiast Chris Vickery, who became aware that system dump data was occasionally posted to the cloud via Amazon Web Services. Upon investigation Vickery discovered a huge...

Read More

Flowers Hospital Urges Federal Judge to Dismiss Class Action Data Breach Lawsuit

Lawyers representing Flowers Hospital in Dothan, AL, have urged a federal judge to dismiss a proposed class action data breach lawsuit filed against the hospital, against the recommendation of a magistrate judge. The lawsuit was first filed in May 2014, after a former employee of the hospital – Kamarian Millender, 29, of Headland, AL – was discovered to have stolen the Protected Health Information (PHI) of patients, with the intent of using the data to file false tax returns. Patient names, dates of birth, Social Security numbers and health plan information were stolen from the hospital between June 2013 and February 2014. The hospital discovered the theft on February 26, and Millender’s employment contract was terminated. Millender was subsequently charged with trafficking in stolen identities, and admitted to filing at least 73 fraudulent tax returns in the names of the victims. Flowers hospital issued breach notification letters to the victims shortly after the discovery of the privacy violation, and offered the affected patients a year of credit monitoring services...

Read More

Healthcare Industry Tops 2015 Data Breach List

The number of healthcare data breaches reported so far this year has been staggering, so it should come as no surprise to hear that the healthcare sector has suffered more data breaches than any other industry sector during the first six months of the year. According to a new data breach report compiled by data security firm, Gemalto, the healthcare industry’s 187 data breaches add up to 21.1% of all global data breaches reported in first half of the year. The report also suggests 34% of all healthcare records kept on U.S patients were exposed between January 1, and June 30 this year. The report provides data breach figures of 84 million compromised healthcare records, the majority of which came from the colossal cyberattack of Anthem, which resulted in 78.8 million records being exposed: 32% of the total number of global records exposed in data breaches, across all industries. Overall, 888 data breaches were reported during the first 6 months of 2015, resulting in 245.9 million records being exposed around the globe. The figures have remained pretty constant year on year according...

Read More

VA Data Breaches Fell Dramatically in August

The VA Information Security Report usually makes for unpleasant reading, oftentimes detailing numerous mis-mailings, mis-handling accidents, lost PIV cards, and lost and stolen devices; however the data breach figures for August are surprisingly low, with considerably fewer records exposed than in previous months. The number of veterans’ records exposed in July were half that of June, and the reduction has continued in August, with the VA data security report indicating just 431 veteran records were exposed. 127 breach notification letters were sent, and 304 individuals were offered credit protection services to mitigate the risk of harm. August has therefore been the best month for the VA since March 2015. Victims of VA Data Breaches in 2015   Month Veteran Records Exposed January 310 February 891 March 383 April 987 May 1018 June 2076 July 1031 August 431   Average number of records exposed per month: 890 Total number of veterans affected in 2015: 7,127   VA Data Breaches Continue to Fall   The total number of lost PIV cards reported for the month of August...

Read More

HIPAA Compliant Wellness Platform Launched By Fitbit

Yesterday, Fitbit, America’s leading manufacturer of activity and fitness trackers, announced it has developed a HIPAA compliant wellness platform which it aims to use to corner the lucrative healthcare market. The company has flirted with health and fitness trackers for the healthcare sector for some time; however, until now one of the major stumbling blocks has been the Health Insurance Portability and Accountability Act (HIPAA), which places a number of restrictions on the use of electronic devices capable of recording, storing and transmitting Protected Health Information (PHI). No electronic device can be fully HIPAA-compliant, as compliance with HIPAA Rules is dependent on the actions of the users of the devices. Therefore, rather than being billed as a HIPAA compliant wellness platform, Fitbit announced that it ‘supports’ HIPAA compliance, having incorporated the necessary safeguards – as demanded by HIPAA – to keep stored and transmitted data protected from prying eyes. According to James Park, CEO and Co-Founder of Fitbit, “We prioritize protecting our consumers’...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist