25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

10 HIPAA Breach Costs You May not Be Aware of

A data breach is less of a possibility and more of inevitability in 2015. Cyber crime is on the increase and the healthcare industry is under threat, with major attacks already having exposed millions of records – with last year’s tally having already been surpassed by some distance. Determining the data breach financial impact can be difficult as there are variables that cannot be accurately predicted immediately after a breach has occurred. Civil claims for damages will almost certainly be filed, although the number of victims of fraud will not be known for many years, neither the damages which will need to be covered. The Department of Health and Human Services’ Office for Civil Rights investigates data breaches; however it can take time for an assessment to take place. A full compliance audit may be required, the findings assessed and financial penalties considered. Settlements can take a number of years to be reached and there is no telling how many violations will be discovered by its auditors. Each violation category carries a maximum fine of $1.5 million in cases where the...

Read More
Employees Steal 9,000 Patient Records From Florida Hospital
Mar25

Employees Steal 9,000 Patient Records From Florida Hospital

The massive data breaches of Anthem and Premera highlight the real and present danger of HIPAA breaches from hackers, but there is also a major threat from within. Hospital employees may not be responsible for the largest breaches, yet staff snooping on hospital records is a serious problem. Each year employees view and copy the data of tens of thousands of patients, with 9,000 records potentially compromised in the latest case of employee snooping, according to a report in the Daytona Beach News Journal. Two medical professionals working at an unnamed Florida Hospital in Orlando have recently had their employment contracts terminated after the hospital discovered that patient records had been inappropriately accessed. The employees were based in Orlando, and reportedly had access to the patient records at eight Florida hospitals: Florida Hospital Orlando; Florida Hospital Altamonte; Florida Hospital Apopka; Florida Hospital East Orlando; Florida Hospital Kissimmee; Celebration Health; Winter Park Memorial Hospital and Walt Disney Pavilion at Florida Hospital for Children, although...

Read More
Premera HIPAA Breach: Insurer Certified as HIPAA Compliant
Mar24

Premera HIPAA Breach: Insurer Certified as HIPAA Compliant

In the aftermath of a major HIPAA breach, the spotlight is shined on healthcare providers and insurers’ and they investigated to determine whether the breach was preventable, and if it was caused by violations of HIPAA regulations. In the case of Premera, hackers were able to infiltrate the insurer’s computer network and gain free access to patient healthcare records for a period of 10 months. The insurer has been criticized for the breach, in particular for failing to audit its internal computer systems regularly; a measure which could have identified the breach much more quickly and thus would have limited the damage caused. While attention is focused on the insurer and potential HIPAA violations, according to the U.S Office of Personnel Management, the insurer was deemed to be HIPAA-compliant after an audit of its systems last year. The U.S Office of Personnel Management conducted general testing of Premera’s information systems in January 2014, in addition to a full application control audit. While the Office for Civil Rights is tasked with auditing healthcare providers on...

Read More
65% of Patients Would Avoid Companies that Suffered a HIPAA Breach
Mar24

65% of Patients Would Avoid Companies that Suffered a HIPAA Breach

Healthcare organizations and insurers face major financial penalties for HIPAA data breaches that they inadvertently – or willfully – cause; however the results of a recent survey indicate that the fines issued by Attorney Generals and the Office for Civil Rights pale into insignificance compared to the loss of income that results from patients changing healthcare provider after a data breach. The survey, conducted by TransUnion, found that 7 out of 10 patients (65%) were willing to change healthcare providers if the company was affected by a data breach. While not all of those individuals would actually change providers, the figures are worrying and send a message to HIPAA-covered entities that data security and patient privacy must be made a priority. The survey showed that older patients were less willing to make the change. Almost two-thirds of respondents over the age of 55 said they would be unlikely to switch providers, while 73% of individuals in the 18-34 age category said they would make the switch following a data breach. The discrepancy has been attributed to the...

Read More
No Fees for Health Exchange Say Patients
Mar23

No Fees for Health Exchange Say Patients

The Society of Participatory Medicine – in conjunction with ORC International – has released survey data that indicates that three-quarters of patients believe that Protected Health Information (PHI) should be easily and freely shared between hospital workers, physicians, and other healthcare providers. The lack of sharing and poor interoperability is believed to have a serious impact on the medical care that patients receive. According to the poll, a fifth of patients had previously experienced difficulty receiving medical care because their healthcare data was not shared between providers. A PWC survey indicated that it is not only the sharing of data that is a problem. When data is shared, in 60% of cases providers face significant delays in accessing the required information. In addition to the full sharing of information between authorized individuals, 87% of patients said that they believed that access to their PHI should be free of charge. One of the issues that doctors have to face is that providing access to PHI incurs a significant cost: Healthcare providers are...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist