25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Utah Students Get Around HIPAA  Rules and See Medical Operations
Apr24

Utah Students Get Around HIPAA Rules and See Medical Operations

Under the Health Insurance Portability and Accountability Act of 1996, students have been prevented from visiting operating rooms to view surgical procedures being performed. This was not an intentional privacy and security measure implemented as part of the HIPAA, rather an unfortunate consequence. Many moons ago, students were permitted to visit hospitals and see medicine in action which had the dual purpose of giving an in depth knowledge of surgical procedures which cannot – or could not – be gained in the classroom. It also “sorted the men out from the boys” and had the capability to both inspire and repulse. Both reactions are equally valuable, as both can help to ensure that valuable career preparation time is not wasted in high school. This was the thinking of the Utah State Office of Education, which together with Intermountain Healthcare started up a “Virtual Healthcare Interactive” partnership. The main aim was to keep interest in medicine high for teens; to improve understanding and help students decide whether it was the right career choice for them. The program allows...

Read More
House Passes Cybersecurity Bill Amid Privacy Protests
Apr23

House Passes Cybersecurity Bill Amid Privacy Protests

  The cybersecurity bill – officially the Protecting Cyber Networks Act (PCNA) – has been pushed through following a spate of targeted attacks on the retail, financial and healthcare sectors over the course of the past 12 months. Those attacks resulted in hackers obtaining tens of millions of private and confidential records, including Social Security numbers, credit card and financial details, medical information and insurance details. On Wednesday, the Protecting Cyber Networks Act went to the vote in the House of Representatives, and the bill was passed 307-116. The main purpose of the bill is to allow a real-time threat detection system to be established in the fight against hackers, with the bill paving the way for this by allowing greater sharing of information relating to cybersecurity threats with the government departments tasked with combating those cybersecurity threats. A Backdoor to Allow Increased Government Surveillance The bill is certainly not without its critics. While the sharing of information between corporations and government departments should certainly...

Read More

How Are Hackers Accessing HIPAA-Covered Data?

Healthcare hacking incidents are on the rise. Recent security reports from Verizon, HITRUST, and Symantec all suggest that the cybersecurity risk is now at an all-time high. The threat from hackers is very real; they are targeting healthcare organizations and when they gain access to healthcare computer networks they can steal many tens of millions of records. Only this year, the Premera and Anthem hacking incidents exposed close to 90 million records, of which 11 million included healthcare data and Social Security numbers. But how are hackers gaining access to healthcare databases? What are the main risks to cybersecurity in the healthcare industry? When data breaches are announced they are usually described to be “highly sophisticated” in nature. They would need to bypass multi-layered security systems, in which considerable time, money, and resources have been invested. However, these highly sophisticated attacks often involve some rather unsophisticated tactics. Tactics include asking a person with access to Protected Healthcare Information to tell them their login details....

Read More

OCR Issues Advice on HIPAA and Workplace Wellness Programs

Protected Health Information (PHI) is safeguarded under the Health Insurance Portability and Accountability Act Rules, which place a number of requirements on covered entities (CEs) to implement a number of controls to ensure that healthcare data is not disclosed to unauthorized individuals. Should that occur, or if the data is stolen, covered entities also have a requirement to notify the Office for Civil Rights (OCR) and any persons affected by the breach, with the rules and regulations for doing so laid down in the Breach Notification Rule. These rules cover most healthcare providers, health plans, and healthcare clearinghouses; however, OCR has recently issued guidance on Workplace Wellness Programs, as there appears to be some confusion about coverage under HIPAA Rules. Are Workplace Wellness Programs Covered by HIPAA? The confusion over HIPAA and Workplace Wellness Programs is understandable because whether these schemes are covered under HIPAA depends on how the wellness programs have been set up, and if they are provided through an employer as part of a group health plan....

Read More
Raytheon Acquires Websense in $1.9 Billion Deal
Apr20

Raytheon Acquires Websense in $1.9 Billion Deal

Raytheon, a major U.S defense contractor, has announced it is to acquire Websense Inc from Vista Equity Partners in a deal reported to be worth $1.9 billion. The deal is expected to add an additional 20,000 commercial customers to Raytheon’s portfolio and is expected to close at the end of Q2, 2015. Over the past couple of years there has been a significant increase in cyberattacks on organizations of all sizes from SMBs to multi-national corporations. The increase in frequency of attacks and the level of sophistication of the attackers requires advanced defenses to be deployed to keep networks and data secure. The recent high-profile attacks have prompted many firms to commit more funds to cybersecurity. MarketsandMarkets has estimated there will be an increase of $60 billion in cybersecurity spending over the next four years, and Raytheon is poised to take advantage. Websense has developed Internet security technology for enterprises and governments to protect against web-based threats and block data theft and keep systems and endpoints free from malware. Those solutions will be...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist