25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Cost of Data Breaches to Hit $2.1 Trillion by 2019

Juniper Research has released a new report suggesting the cost of data breaches will hit $2.1 trillion by 2019 as a result of the increase in cybercrime and the sheer scale of data that will be recorded on consumers’ lives. The Future of Cyber Crime & Security   The new report – The Future of Cybercrime & Security: Financial & Corporate Threats & Mitigation – offers an in depth analysis of the current digital security landscape and the threats now being faced, and creates a roadmap for the evolution of connected devices to predict the effect that data breaches will have over the course of the next four years. While security of the Internet of Things is getting a lot of attention at present, Juniper Research calculates the actual risk of data exposure to be minimal, certainly over the next four years. The real threat, and where the majority of data breaches will occur, is the current IT infrastructure according to Juniper. Network servers, laptop computers and other endpoints will continue to be the major locations of breaches. The report suggests that the...

Read More

21st Century Cures Bill Could Weaken HIPAA Protections

Under current HIPAA legislation, Covered Entities (CEs) and their Business Associates (BAs) are not permitted to disclose the Protected Health Information (PHI) of patients without permission, except when PHI is to be used for treatment, payment of CE operations. However, a new bill has now been drafted which changes the permissible uses of PHI to include research. The new bill is intended to remove some of the roadblocks that are preventing U.S healthcare providers from developing new cures. HIPAA is perceived by many researchers to be detrimental to the healthcare industry, slowing down research, innovation and the development of new drugs and medical treatments. The aim of the 21st Century Cures Bill is to alter HIPAA Privacy Rules to allow healthcare providers to use PHI for research – or supply it to their BAs – without express permission being obtained from patients. Should the Cures Bill be passed, the Secretary of the Department of Health and Human Services would be required to update HIPAA Privacy Rules within 12 months. The discussion draft of the bill – released on...

Read More

Illinois AG Files Improper Dumping Lawsuit Against HIPAA Business Associate

Lisa Madigan, the Illinois Attorney General, has filed a lawsuit against a Northbrook HIPAA Business Associate (BA) for failing to destroy medical records prior to disposal. The BA is alleged to have exposed the PHI of at least 1,500 individual patients. The complaint says that the attorney general’s investigators found 1,500 medical records at Shred Spot. The company had received the medical records from Filefax Inc. of 3405 Commercial Ave., Northbrook. According to the suit, as reported by the Chicago Tribune, “an individual by the name of Halina Bysiek took 1,100 pounds of paper out of the container and brought it to another Sky Harbor business, seeking cash for recycled material.” The data was allegedly left in an “unlocked garbage container behind the building in the Sky Harbor business park.” Paul Kaufmann, Owner of Shred It, identified the material as medical records and alerted his Trade Association – The National Association for Information Destruction. Following the advice he received, Kaufmann contacted the state attorney general’s office and an investigation...

Read More
HIPAA Compliance Guide Released
May11

HIPAA Compliance Guide Released

Our 65-page HIPAA Compliance Guide for Privacy, Security and Compliance Officers provides useful advice on the main elements of the Health Insurance Portability and Accountability Act, including tips and best practice advice for Covered Entities (CEs) and their Business Associates (BAs). The guide can be downloaded here. HIPAA Compliance Will be put to the Test Three years have passed since the Department of Health and Human Services’ Office for Civil Rights completed its pilot round of HIPAA compliance audits and organizations covered by HIPAA do not have long before the audits will start again. The pilot phase did not result in any financial penalties being issued – only action plans – although the audits revealed HIPAA compliance was in a sorry state. The same is not expected to be true for the next round. CEs have had plenty of time to get procedures and policies updated, and if violations are discovered this time around, fines are likely to follow. The next round of audits will specifically test the areas of HIPAA Rules that were causing so many problems for CEs three years...

Read More

2014 HIPAA Privacy and Security Breach Report

The healthcare industry suffered a number of large scale data breaches in 2014, with Community Health Systems the hardest hit after hackers stole 4.5 million patient health records. 2014 HIPAA Privacy and Security Breaches Increase by 138% In 2014, HIPAA privacy and security breaches hit record highs with millions of patient health records exposed. Since 2012, security breaches have increased by 138% and the trend has continued into 2015. Colossal data breaches have already been reported by Anthem and Premera Health, which exposed 78.8 million and 11 million health plan member records respectively and that was before February had come to an end. The healthcare IT security focus has now shifted from compliance with HIPAA regulations to the prevention of data breaches according to a survey of healthcare IT professionals at HIMSS 2015 due to the staggering cost of data breaches. However, the data from last year suggests that hacking accounted for a relatively small proportion of the data breaches reported in 2014. When these incidents do occur, as we have seen over the course of the...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist