25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

HIPAA Breach Notice Issued After Colorado Medicaid Mailing Error
Aug18

HIPAA Breach Notice Issued After Colorado Medicaid Mailing Error

The Colorado Department of Health Care Policy and Financing issued a HIPAA breach notice yesterday, announcing the potential exposure of confidential records relating to 1,622 households. A limited amount of Protected Health Information (PHI) was inadvertently disclosed to Medicaid recipients after a recent mailing error. The mailing took place between May 25, and July 5, 2015; but due to a technical error, letters were sent to incorrect recipients. The error was noticed by a resident who had received correspondence with details of a different person, and the matter was reported to county workers on July 1, according to the breach notice; four days before the mailing was stopped and the problem corrected. After an investigation into the breach was conducted, the department determined that patient names, Medicaid numbers, state ID numbers, family member names, employer names, income from the employer, Advanced Tax Credit amounts, and approval status for Medicaid and Child Health Plan services were potentially disclosed. In less than 50 cases, the person’s date of birth was also...

Read More

Class-Action for Advanced Data Processing Breach Denied

An Advanced Data Processing breach lawsuit was recently filed in a Florida court, with the case taking just 24 hours to be tossed by the judge. In this case, the judge ruled that the move to certify the class was premature, and the case was denied, even though the plaintiff alleges to have suffered identity theft as a direct result of the data breach. In the lawsuit, the plaintiffs allege that in 2012, the healthcare clearinghouse suffered a data breach that exposed the Protected Health Information (PHI) for several months. The data stolen is alleged to have been used to steal identities and fraudulently obtain funds from the IRS. The suit also claims there was a delay in issuing breach notification letters to victims, some of whom were not notified of the theft of their data for three years. The data breach affected 27 agencies in 17 states, and in total 10,000 individuals had their data stolen and potentially sold to an identity theft ring. One plaintiff, Yehonatan Weinberg, claimed to have visited a Californian hospital in 2012, yet received a breach notification letter in April...

Read More

Health Net Federal Services Achieves URAC HIPAA Privacy Reaccreditation

Health Net Federal Services, LLC., has received URAC HIPAA Privacy reaccreditation, assuring current policyholders that their privacy is treated seriously, and HIPAA standards are being met. URAC – the new name for the former Utilization Review Accreditation Commission – is an independent, non-profit organization that accredits health care organizations, including health plans, in this case on the standards of the HIPAA Privacy Rule. Health Net Federal Services, LLC was awarded full reaccreditation for HIPAA privacy standards, effective from May 1, 2018. Health Net has been accredited with URAC since 2008. According to URAC President and CEO Kylanne Green, “By applying for and receiving URAC accreditation, Health Net Federal Services has demonstrated a commitment to quality health care,” she went on to say, “Quality health care is crucial to our nation’s welfare and it is important to have organizations that are willing to measure themselves against national standards and undergo rigorous evaluation by an independent accrediting body.” President of Health Net Federal Services,...

Read More

HIPAA Data Breach Report July 2015

The HIPAA Journal Healthcare Data Breach Report July 2015 has been compiled from breach reports submitted to the Department of Health and Human Services’ Office for Civil Rights. The breach reports give an indication of the current state of healthcare data security, and how well HIPAA-covered entities are applying HIPAA rules to keep patient data secured. Scroll down for our July 2015 healthcare data breach infographic summary. A Bad Month for Patient Privacy   Hackers struck again in July, causing two large scale data breaches that exposed the records of millions of patients; two of the most serious healthcare data breaches ever reported. Hackers were discovered to have compromised the systems of four more healthcare providers, and stole highly confidential medical data and millions of Social Security numbers.   Risk of Hacking Greater than Ever   Hackers may have only accounted for four of the 21 data breaches reported in July, but those attacks proved highly damaging. 8,464,637 new breach victims were confirmed by the July breach reports, 8,409,141 of which were...

Read More

Increased Risk of Harm Not Grounds For Advocate Health Breach Lawsuit

An Advocate Health breach lawsuit was recently deemed to be too speculative to warrant a class-action claim for damages. The Illinois Appellate Court recently ruled that an increased risk of suffering harm as a result of an exposure of confidential health data is insufficient by itself to confer standing in a class-action data breach claim. The risk of harm was not deemed to be severe enough to warrant a data breach class action lawsuit. For damages to be awarded, evidence of actual harm must be provided. The case, Maglio v. Advocate Health and Hospitals Corporation, was filed by Matias Maglio on behalf of Macailee Maglio, Alexander Gill, and a number of other patients and next friends of minors affected by the breach. The plaintiffs allege they face an increased risk of suffering identity theft and fraud as a result of the exposure of their Protected Health Information (PHI). No identity theft had yet been reported or been suffered by any of the patients named in the lawsuit. The threat of fraud and loss was believed to be sufficient grounds for the complaint. The defendants moved...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist