25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Watch out for Wearables if you Want to Avoid a HIPAA Violation

Wearable devices are rising in popularity and now Google Glass has been made available to all in the USA and UK, Apple is launching a Smartwatch and other big influential brands are heavily investing in wearables, the next few years could see the devices become the norm and used throughout the healthcare industry. Currently more than 25% of adults in the United States own a fitness tracker or use a Smartphone fitness tracking application and a considerable amount of personal health data is being now recorded. A recent survey conducted by Juniper Research has predicted that the wearables market will grow ten-fold over the next 4-5 years and over 180 million devices will have been sold by 2018. Google Glass is stealing the headlines; however Apps and fitness bands are the most popular method of tracking health and wellness at the present time. The data recorded could revolutionize healthcare allowing preventative steps to be taken to help patients avoid illness and injury. Smart glasses such as Google Glass may not prove so popular for consumers, but the benefits to business are...

Read More
Sony Pictures Confirms Breach Potentially Exposed HIPAA Data
Dec16

Sony Pictures Confirms Breach Potentially Exposed HIPAA Data

Sony Pictures has made an announcement confirming the protected health information of some employees could have been exposed in this month’s security breach. Employees were sent a breach notification letter earlier this week containing details of the data the company believes was exposed. While the written notification letters have only just been mailed, an E-mail was sent to all affected employees earlier this month alerting them to the security breach and stating that computer records had been compromised. In that E-mail Sony Pictures suggested that all affected persons sign up for credit monitoring services with AllClearID; the company being used by Sony Pictures to help mitigate any damage caused. The notification letter reiterated the need to sign up for credit monitoring services and provided additional details about the breach, including more information on the scale of the data exposure. Earlier this month some computers at Sony Pictures were hacked in what appears to be a targeted attempt to steal company and employee data. Some of the data has already been posted on...

Read More

Concern that Drug Company Use of Patient Data Circumvents HIPAA

Pharmaceutical companies are using patient PHI to market their products, even though they are not permitted to have access to this information under HIPAA regulations, according to a recent report on Bloomsberg News. HIPAA covered entities are not permitted to disclose patient information to third parties for the purposes of marketing, yet pharmaceutical companies are obtaining the data from a different source. Drug companies are now seeking assistance from online data agencies that can provide them with the data they require to directly market products to the persons most likely to use their drugs. Marketing data is invaluable to drug companies as it enables them to market their products more effectively. The market for a particular treatment may be very small in terms of penetration so using traditional advertising methods is unlikely to produce the required number of sales. However, if a drug company obtained a list of patients who had been diagnosed with a condition that their drug treats, the volume of sales from its direct marketing efforts would increase substantially....

Read More
Amedisys Hospice to be Investigated for Potential HIPAA Violation
Dec14

Amedisys Hospice to be Investigated for Potential HIPAA Violation

The discovery of documents containing the Protected Health Information of 17 patients of Amedisys Hospice, Tennessee has triggered an investigation over the potential HIPAA violation. Earlier this week, Sandra Rambo was walking with her daughter when she came across paperwork on the side of the highway. The pair noticed that the records contained information on patients, one of whom was the deceased husband of one of her neighbors. The information contained in the paper documents included private patient details such as identification numbers, medical conditions, information about previous hospice visits as well as personal details of patients who had visited the hospice according to a report on local radio station, WHHL. Rachel Seeger, Spokesperson for the US Department of Health and Human Services explained that in cases such as this, the DHHS works with the healthcare provider to resolve HIPAA violations and enters into a resolution agreement to ensure that the entity in question implements an action plan. That action plan must correct any privacy and security issues affecting...

Read More

Laptop Theft Causes HIPAA Breach Exposing Patient Data in Oregon

A new HIPAA breach has been announced affecting patients of an Oregon healthcare facility although the number of patients to be affected is currently unknown. The incident occurred in November when an employee of the Corvallis Clinic left a laptop computer in a vehicle while attending a work conference. The laptop was subsequently stolen from the car. The laptop contained unencrypted data of patients who had visited the clinic during the past two years, although the information was in a spreadsheet and the data it contained was limited and included patient names, dates of birth, name of the healthcare provider and the reason for the visit. The spreadsheet is not believed to have contained any Social Security numbers, driver’s license numbers or credit card details. There is no indication that the thieves have been able to access the data contained in the spreadsheet. The Clinic advised patients that the laptop was protected with a “highly secure” alpha numeric pass code and that it is improbable that the thieves would have been able to access the data. A notice has been posted on...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist