25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Online Portal Glitch Causes California HIPAA Breach
Mar11

Online Portal Glitch Causes California HIPAA Breach

A California Not-for-Profit organization has issued a breach notification after it discovered that an online application it used to process applications was found to be insecure, which may have resulted in the Protected Health Information (PHI) of a number of individuals being disclosed. The Painted Turtle is a camp for children suffering from life-threatening illnesses and places in the program are provided free of charge. When parents or legal guardians apply for a place at the camp, they are required to enter information into an online portal as part of the application process. While the system was believed to be secure and HIPAA-compliant, a software glitch potentially resulted in application information being made available to the person who was listed as a reference in the application. The data recorded by the portal includes personal information about the applicant and potentially also Social Security numbers, Driver’s license numbers, personal medical information, employment details and names and addresses. Painted Turtle confirmed that no financial information – bank...

Read More

Florida Nurse Accused of Stealing HIPAA-Covered Data and Exploiting the Elderly

Access to Protected Health Information (PHI) is alleged to have been abused by a home health nurse from Lee County, Florida, who stands accused of accessing and using HIPAA-covered data and using that information to open credit card accounts and defraud at least 8 of her patients, according to a Lexicology report. The woman opened fraudulent credit card accounts by using patient names and PHI and used the cards to go on a spending spree. According to police investigators, the woman purchased gift cards, electronic devices and made expensive repairs to her vehicle. While the woman could have been charged under HIPAA regulations, the charges filed against her are for the criminal use of personal information and exploitation of the elderly. Improper use of Protected Health Information (PHI) and abuse of patients can be difficult to identify, especially when care is provided at home. Patients may not feel safe enough to report abuse, and in the case of financial, medical and identity fraud, the patients may not even be aware that they are victims. In-home care is necessary and it can...

Read More
HIPAA Breach Triggers IT Security Audit: Anthem Refuses
Mar10

HIPAA Breach Triggers IT Security Audit: Anthem Refuses

The Office of Personnel Management’s (OPM) Office of the Inspector General (OIG) conducts security audits on healthcare organizations participating in the Federal Employees Health Benefits Program (FEHBP). Following the massive HIPAA breach at Anthem., Inc last month, the OIG decided to conduct a new information technology security audit on the insurer. The OIG Information Technology security audits set out to determine if security vulnerabilities exist that could potentially be used by hackers to gain access to servers and internal computer systems. The audits are not comprehensive, instead that samples a small proportion of the organizations servers to help build an overall picture of data security and whether sufficient steps have been taken to prevent hackers from conducting malicious cyber attacks. The audits consist of automated vulnerability scans and accompanying configuration compliance audits; however according to reports, Anthem refused to cooperate fully with OIG auditors and restricted access to its servers, claiming that the provision of access would violate corporate...

Read More
Indiana State Medical Association Suffers Major HIPAA Breach
Mar09

Indiana State Medical Association Suffers Major HIPAA Breach

The Indiana State Medical Association has reported a HIPAA breach as a result of the theft of two backup hard drives containing healthcare and insurance information of almost 39,000 individuals. The hard drives contained group health and life insurance databases, with the data including Social Security numbers, medical histories, health plan numbers, email addresses, dates of birth and names and addresses that were supplied on health insurance applications. The backup drives were being transported to an off-site storage facility as part of the group’s disaster recovery plan when they were stolen in what the ISMA called a “random criminal act.” According to the breach notice placed on the ISMA website, 39,090 individuals were potentially affected although the exact data compromised varies from individual to individual. Social Security numbers were present in the databases, but not for all individuals. As a result the decision was made to send individual breach notification letters explaining the exact information that was compromised. Affected individuals are being offered credit...

Read More

Delegates Prepare for the 23rd National HIPAA Summit

Next week, government department heads and industry leaders will meet at the 23rd National HIPAA Summit to give updates on the progress that has been made over the past 12 months and to provide information on new laws and regulations. The summit also offers an opportunity for compliance officers and other healthcare professionals to receive training on a wide range of healthcare IT and HIPAA-compliance issues. The threat of cyberattacks on healthcare providers has risen to an all time high and healthcare costs are spiraling out of control. The industry may be in critical condition, yet healthcare providers, health plans and other covered entities must find the funding to improve data security and protect the privacy of patients and health plan members. Since the introduction of HIPAA this has been a major challenge, but with the introduction of HITECH, the Affordable Care Act (Obamacare), the move to IC10 coding and the passing of the HIPAA Omnibus Rule the challenge has grown. HIPAA-covered entities now face a huge financial and administrative burden to comply with these...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist