25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Study Suggests HIPAA Data De-identification Improvements Required

Under HIPAA Rules, healthcare providers and other covered entities (CEs) are permitted to use the Protected Health Information (PHI) of patients – and share this information with others – provided that the data has been de-identified. It must not be possible for PHI data to be tied to any individual. CEs are permitted to share the data if it can be demonstrated that the risk of that data being associated with a particular patient is small and have two options for de-identifying healthcare data prior to sharing that information with a Business Associate: They can de-identify data using a model such as k-anonymity, or they can set a rule-based policy – the Safe Harbor model – that changes data values; for example, changing dates of birth to the following or preceding year, or stripping out days and dates to just provide a patient’s age. However, while the latter method is often used, it is far from perfect. According to a recent study published in the Journal of the American Medical Informatics Association (JAMIA), this procedure does not tailor protections to the...

Read More
Improper Disposal Nets Small Pharmacy $125K OCR HIPAA Penalty
Apr27

Improper Disposal Nets Small Pharmacy $125K OCR HIPAA Penalty

The mega data breaches to hit large insurers and healthcare providers have been making the headlines in recent months; however, the Department of Health and Human Services’ Office for Civil Rights (OCR) showed yesterday that even smaller healthcare providers must abide by HIPAA Rules or face the consequences. Yesterday, the OCR issued a statement on the latest settlement to be reached with a healthcare provider for violations of HIPAA Rules. The OCR announced that it has reached a settlement for $125,000 with a Denver-based healthcare provider, Cornell Pharmacy, following the improper disposal of patient health records. Cornell Pharmacy is a single-location healthcare provider that mostly serves hospice care organizations in Denver and provides compound medications. HIPAA-Covered Entities of All Sizes Must Obey HIPAA Rules The Office for Civil Rights has been cracking down on HIPAA violations in recent years and has issued a number of large fines to organizations that fail to abide by HIPAA Privacy and Security Rules. Organizations large and small are being investigated by the OCR...

Read More

26 Percent of Healthcare Organizations Have Suffered a Data Breach

According to a recent Harris Poll survey conducted on behalf of Vormetric, 26% of healthcare organizations have suffered a data breach. With the volume of data breaches now being reported, it is highly probable that this figure will rise significantly over the course of the next 12 months. The survey asked questions of 818 IT decision makers – including 102 from the healthcare sector – relating to data breaches, threats, and actions taken to prevent cyber attacks. Over half of the respondents (54%) said that achieving full HIPAA-compliance status had been the main reason why Protected Health Information has now been safeguarded; indicating that HIPAA is proving to be effective in this regard. 68% of respondents said that HIPAA has been “very or extremely effective at stopping insider threats and data breaches.” While PHI protection has improved there is still a long way to go. The survey indicated that over a quarter (26%) of healthcare providers had suffered at least one data breach. In spite of the efforts made by many healthcare providers to become HIPAA-compliant,...

Read More
Seton Family Of Hospitals Announces 39K HIPAA Breach
Apr26

Seton Family Of Hospitals Announces 39K HIPAA Breach

A HIPAA breach has been suffered by the Seton Family of Hospitals in which the Protected Health Information (PHI) of close to 39,000 patients has been obtained by hackers. The attack occurred on February 26 of this year. The data compromised in the healthcare hacking incident includes personal identifiers such as names, addresses and other demographic information in addition to medical record numbers, insurance provider information and Social Security numbers. Since demographic information has been obtained along with Social Security numbers and medical insurance details, the victims have been placed at an elevated risk of suffering medical and identity fraud. While it has not been explicitly stated that Seton Family of Hospitals will be providing credit monitoring services to all affected individuals, a statement released by Jesús Garza, Seton Healthcare Family President and CEO, said that “It is our priority to support those who have been affected.” Under the Health Insurance Portability and Accountability Act Breach Notification Rule, all covered entities are required to issue...

Read More

Healthcare Apps Helping to Improve Patient Care and Reduce Costs

The Healthcare Information and Management Systems Society conference this year provided healthcare professionals with even more than in years gone by. HIMSS 2015 was bigger and better than ever and attendees got more opportunities to learn, discuss, and debate the current issues facing the healthcare industry. HIMSS also published the data from the 2015 HIMSS Mobile Technology Survey. The survey asked questions of 238 respondents’ use of mobile technology as a method of engaging patients in their own healthcare. The results indicate that healthcare professionals are taking great strides to embrace new technology and communicate with patients in a format that they are comfortable with using. According to mobile usage data from the Pew Research Center, in January 2014, 90% of Americans owned a cell phone, and 64% owned a Smartphone. 81% used the devices to send or receive text messages, 60% for internet access, and 52% for sending emails. The explosion in mobile usage has been rapid and the healthcare industry appears to be keeping up. Not only are telehealth services now being...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist