25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

HB300 Training
Nov03

HB300 Training

HB300 training is similar to HIPAA training inasmuch as employees of entities covered by the Texas Medical Privacy Act are required to undergo training on what Protected Health Information is and how the privacy of individually identifiable health information must be protected from unauthorized access and impermissible disclosures. However, there are some significant differences between HIPAA and the Texas Medical Privacy Act as amended by Texas HB300. Where differences exist, the Texas Medical Privacy Act preempts HIPAA if the Act increases the duties of Covered Entities, has greater protections against unauthorized access and impermissible disclosures, or provides more patients’ rights. Who is Required to Comply with HB300? The Medical Privacy Act of 2002 states any entity (individual or organization), employee, agent, or contractor who creates, receives, obtains, maintains, uses, or transmits Protected Health Information (PHI) relating to a citizen of Texas is considered to be a Covered Entity under the Act. This definition includes entities outside of Texas with access to PHI...

Read More
OB-GYN Associates & Beverly Hills Oncology Medical Group Issue Breach Notifications
Nov03

OB-GYN Associates & Beverly Hills Oncology Medical Group Issue Breach Notifications

OB-GYN Associates in Nevada and Beverly Hills Oncology Medical Group in California have recently started notifying patients affected by hacking incidents. OB-GYN Associates, Nevada OB-GYN Associates, a women’s health clinic in Reno, Nevada, has recently mailed notification letters to 62,238 individuals warning them that some of their protected health information has been exposed in a recent security incident. On or around August 7, 2025, suspicious activity was identified within its IT environment. Third-party cybersecurity experts were engaged to investigate the activity and confirmed that there had been unauthorized access to parts of its network where patient data was stored. The review of the affected data was completed on September 29, 2025. While no evidence of data misuse has been identified, patients have been informed that their first and last names, Social Security numbers, driver’s license numbers, and medical information have been exposed and may have been stolen. As a precaution against data misuse, the affected individuals have been offered complimentary single-bureau...

Read More
HIPAA Training for Medical Assistants
Nov03

HIPAA Training for Medical Assistants

HIPAA training for medical assistants helps healthcare organizations comply with HIPAA by preparing medical assistants to protect protected health information (PHI) during patient intake, clinical support tasks, documentation, and everyday communications. Medical assistants often work at the intersection of clinical and administrative activity, which means PHI can be encountered in many quick handoffs and routine processes where small mistakes can lead to disclosures or security events. HIPAA Training for Medical Records and PHI Medical assistants handle PHI in appointment schedules, rooming notes, vital signs, histories, medication lists, lab requisitions, referral paperwork, immunization records, and follow-up instructions. PHI can also appear in messages, printed summaries, faxes, scanned documents, task lists, and spreadsheets used to manage clinic flow. Training should reinforce that PHI is not limited to diagnoses and test results, since identifiers combined with service context, visit details, or care instructions may be PHI depending on how the information is used and...

Read More
HIPAA Training for Emergency Medical Technicians (EMTs)
Nov02

HIPAA Training for Emergency Medical Technicians (EMTs)

Emergency Medical Technicians (EMTs) need the standard HIPAA training that all healthcare staff receive and additional training on the HIPAA Rules during emergencies because they collect and share patient information during emergencies, and they must protect privacy while communicating quickly with dispatch, partners, hospitals, and other responders. Why HIPAA applies to EMT work EMTs encounter Protected Health Information (PHI) in almost every call, from names and addresses to symptoms, medications, and transport notes. The challenge is that EMT care happens in public places, crowded homes, schools, roadsides, and ambulances where privacy is harder to control. HIPAA training should help EMTs balance two priorities at the same time, providing safe and effective care and preventing unnecessary exposure of patient information. What EMTs should learn in a core HIPAA course A strong course starts with the basics and then connects them to how EMTs work. EMTs should understand the meaning of PHI and ePHI, the purpose of Minimum Necessary standard, and how permitted uses and disclosures...

Read More

HIPAA Compliance for Hospices

HIPAA compliance for hospices has to take into account that many members of the workforce may be volunteers or clergy who are less familiar with compliance requirements, yet who may be placed under extreme emotional pressures from the families of patients they are caring for. HIPAA compliance is rarely straightforward in the healthcare industry, and HIPAA compliance for hospices is one area in which it less straightforward than most. The rules regarding the disclosure of Protected Health Information limit conversations with family members if patients have not previously given their consent for the conversations to take place. Furthermore, if no DPHA is appointed, obtaining consent when the patient cannot express themselves is impossible. And that´s just the beginning. Many hospices are supported by volunteers, who – under the Privacy Rule – are regarded as members of the workforce. Volunteers have to be provided with the same training on HIPAA, permissible disclosures of Protected Health Information and HIPAA-compliant policies as professional healthcare providers. They...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist