25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

HIPAA Breach: 1,111 Veteran Records Improperly Dumped

The Department of Veterans Affairs has announced the potential exposure of 1,111 veteran health records after files containing Personally Identifiable Information (PII) and Protected Health Information (PHI) were accidentally tossed in a dumpster. The files were thrown out with regular waste by an employee of the VA Hot Springs Hospital in South Dakota on Friday, May 15, during a move to a different location. The files were mistaken for regular rubbish, and would have remained in the publically accessible dumpster were it not for a vigilant employee who noticed the dumped files two days later. The improper dumping was reported to the Veterans Affairs police, who went dumpster diving to retrieve the files. According to a press release issued by the Fort Meade-based VA Black Hills Health Care System, an investigation was launched after the incident came to light. Public Affairs Officer, Teresa Forbes, was interviewed by the Rapid City Journal on Friday last week, and said “It was just an unfortunate mistake during an office move.” The box of files appeared not to have been tampered...

Read More

Husband-Wife Tax Fraudsters Get 231 Months Jail Time

A former employee of Tift Regional Hospital has recently been sentenced to serve 84 months in jail for fraudulently submitting 1,100 bogus tax returns, including making 531 tax claims using the data of 16 year olds. Her husband has been sentenced to serve 147 Months in the Bureau of Prisons. Both are required to pay restitution of $1,107,802.00 to the IRS. United States Attorney for the Middle District of Georgia, Michael J. Moore, recently announced Honorable W. Louis Sands’ verdict on Mrs. Patrice Taylor, 34 and her co-conspirator husband, Antonio Taylor, 44, both of Ashburn, Georgia. The total loss suffered by the IRS was $1,199,897.00 Sentencing took place on July 27, 2015 with Mrs. Taylor convicted of aggravated identity theft and conspiracy to commit wire fraud. Taylor had previously pled guilty to the offences and took a plea deal. She admitted to committing the offenses between January 2011 and February 2013. According to evidence presented at trial, Mrs. Taylor used Social Security numbers obtained during her employment at Tift Regional Hospital to file the tax returns....

Read More

Foreign Hacker Responsible for Siouxland Pain Clinic Data Breach

A foreign hacker has gained access to Siouxland Pain Clinic’s patient data, according to a statement released by the healthcare provider’s attorney. The hacker managed to infiltrate the healthcare provider’s computer network, potentially obtaining the Protected Health Information of approximately 13,000 of its patients. The hacker is understood to have first gained access to the Iowa healthcare provider’s computer network on March 26, 2015, with access reportedly continuing until April 2. Siouxland Limited, which operates the Siouxland Pain Clinic, was notified of the security breach on June 26. The statement was issued on Friday, 31 July, with further information released a few days later. It is not clear why access to the computer systems stopped on April 2, and how it then took over two months for the incident to be discovered. The incident is still under investigation, with the healthcare provider having enlisted the help of a private cybersecurity firm to determine the extent of the incident, the data exposed, and whether any of that data has been copied. The news of the...

Read More

North East Medical Services HIPAA Breach Reported: 69,246 Affected

A HIPAA breach has been reported by North East Medical Services. The Protected Health Information of almost 70,000 patients has potentially been exposed after an unencrypted laptop was stolen from the car of a NEMS employee’s car. According to a breach notice sent to the California Department of Public Health, the incident occurred on July 11, 2015. The laptop was left in the locked trunk of a vehicle from where it was subsequently stolen. The healthcare provider was alerted to the equipment theft on July 13. North East Medical Services HIPAA Breach Exposed “Limited Personal Information”   The investigation launched following the crime revealed that the laptop contained data relating to 69,246 patients, which according to the breach notice, consisted of one or more of the following data elements: Patient name, gender, date of birth, address, phone numbers, and pay/insurer information. No medical records were stored on the laptop, although some patients’ diagnoses, test results, medications, treatments and appointment times were listed in spreadsheets stored on the computer. No...

Read More

Data Breach Sparks Medical Informatics Engineering Lawsuit

A Medical Informatics Engineering lawsuit has been filed in Fort Wayne for the security breach that exposed the data of 3.9 million Americans. These days, data breach victims are signed up by lawyers within hours of breach notices being posted. The latest lawsuit is no exception, with the mailing of the breach notification letters only completed on July 25, 2015. The Medical Informatics Engineering lawsuit was filed by Irwin B. Levin, managing partner of Indianapolis law firm Cohen & Malad LLP, on behalf of James Young, who had his health data and Social Security number exposed in the May 26, 2015 cyberattack. The lawsuit has been filed in the U.S. District Court in Fort Wayne. A spokesman for Medical Informatics Engineering, Jeff Donnell, told the Fort Wayne Journal Gazette, “We are aware of the suit, and we are currently reviewing it. Our primary focus at this time is on our response to those affected by this cyberattack.” Young does not appear to have suffered identity theft of fraud as a result of the exposure of his data; instead the suit has been filed against MIE for...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist