25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Success 4 Kids & Families Reports Data Breach

Success 4 Kids & Families (S4KF) has sent breach notification letters to 506 patients informing them of a data breach that has potentially exposed some of their Protected Health Information (PHI). An employee of the Hillsborough County-based provider of in-home treatment services left an unencrypted laptop computer in a vehicle from where it was subsequently stolen. S4KF was informed of the theft on April 5 and immediately reported the theft to law enforcement. An investigation was launched, but the laptop has not yet been recovered. S4KF hired an external security firm to determine the exact data stored on the laptop, with the investigation establishing that the computer contained patient names, dates of birth, age, gender, home addresses, Social Security numbers, insurance provider’s name and the types of service received. No other healthcare data was exposed in the incident. There is no reason to suggest that the laptop was stolen for the data it contained, but there is a risk that the information stored on the laptop could be used inappropriately. Social Security numbers...

Read More

Medical Devices Being Targeted to Gain Access to Networks

According to a white paper issued by TrapX Labs, medical devices are being targeted by hackers who are using the equipment as backdoors to gain access to healthcare computer networks. The report cited three examples of medical device hacking where hackers had gained access to medical equipment and bypassed the complex data security systems installed by healthcare providers. Healthcare data security systems may be highly effective at detecting network intrusions and repelling brute force attacks, but the protection does not extend to all medical devices. Major security vulnerabilities exist that are not being addressed. Many healthcare providers believe their electronic equipment to be secure, as protections are in place to prevent access. However, according to the report, security systems are not effective at protecting medical devices. Criminals are gaining access, yet hospital IT staff are unable to scan the equipment without assistance from the manufacturer. If an intrusion is detected, the manufacturer or contractor must be contacted to access the devices and perform tests....

Read More

Unrecognizable Malware Explosion Reported by Check Point

A new report from Check Point Software Technologies has revealed the extent that malware is plaguing healthcare providers and other industry sectors. Over the past 12 months there has been an explosion in malware. In 2013, businesses received an average of 2.2 pieces of malware every hour. By 2014, that figure had risen to 106. That is 106 pieces of malware discovered every hour of every day (on average). The shocking discovery was made after the company analyzed the data from over 60,000 enterprise gateways in 2014. Even company Vice President, Juliette Rizkallah, was surprised by the results and said the current situation is “frightening.” Even more frightening is the fact that the malware is not being repelled; it is downloaded, installed and is sending confidential data to hackers. The report indicates that malware is succeeding alarmingly frequently. The researchers have suggested that the average large company is being attacked by malware every 34 seconds. New files are downloaded to the network, and every minute they communicate with external software. In spite of the...

Read More

Cybersecurity Services Being Outsourced Due to Lack of Skilled Staff

A lack of suitable personnel with appropriate skills to improve cybersecurity defenses is leading many CISOs and CIOs to look outside their organizations for assistance. Businesses and healthcare providers and now increasingly hiring third-party experts to provide cybersecurity services, according to a new report by Cybersecurity Ventures. Wave of Attacks Increases Demand for Trained Cybersecurity Staff Cybersecurity incidents have risen by 48% over the course of the previous 12 months and industry experts predict that the volume of security incidents will rise further still throughout 2015 and 2016. This is not a problem that will just go away. Improving cybersecurity defenses to resist highly sophisticated attacks requires skilled staff, and with the complexity of attacks increasing there is no time to lose. The quarterly Cybersecurity Market Report indicates that the increased risk of attack has led many businesses to create new positions for cybersecurity officers; however, the dearth of talent has seen 209,000 of those cybersecurity jobs remain unfulfilled. Over the next three...

Read More

HIPAA and the New Helping Families in Mental Health Crisis Act

The Helping Families in Mental Health Crisis Act (H.R. 2646) of December, 2013, has been reintroduced by Tim Murphy (R-PA) – Subcommittee Chairman for the House Energy & Commerce Oversight and Investigations – and Rep. Eddie Bernice Johnson (D-TX) with a double purpose. First, it is hoped that the new bill will help to improve the standard of mental health care provided to patients, and secondly a number of new provisions will be introduced to ensure patient privacy is protected. According to Tim Murphy, the new bill “marks a new dawn for mental health care in America,” he went on to say that the new bill “breaks down federal barriers to care, clarifies privacy standards for families and caregivers; reforms outdated programs, expands parity accountability, and invests in services for the most difficult to treat cases while driving evidence-based care.” The bill has been praised by many, but the legislation change has not been universally welcomed. The bill has received criticism from some quarters; in particular for the potential for HIPAA violations to occur. One area of...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist