25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

HIPAA Breach Report: August 2014

August 2014 HIPAA Breach Summary: HIPAA Regulations require all covered entities to submit a report of any breach affecting more than 500 individuals to the Department of Health and Human Services’ Office for Civil Rights. Covered entities only have 60 days in order to make the report or they face a breach notification penalty. This report contains a summary of the breaches reported to the OCR during the month of August, 2014. Major HIPAA Breaches in August 2014 August saw a high number of HIPAA breaches reported in which over 4 million individual records were compromised – more than the total number of individuals affected by data breaches in the first six months of the year. The majority of the victims were created by a huge data breach at Community Health Systems Professional Services Corporation (TN) which exposed the records of 4,500,000 individuals. The CHS HIPAA breach was one of the largest ever recorded, and resulted in hackers obtaining personal identifiers and Social Security numbers, in what was described as “a highly sophisticated attack”. In any other month the...

Read More

How Providence Anesthesiology Leveraged Smartphones to Improve Communication with Field Staff

Healthcare providers have a challenge ahead of them if they are to improve communication with field staff and other mobile workers; how to do so without exposing patient data and violating HIPAA Rules. Providence Anesthesiology Associates opted to use a secure messaging platform to help stay in touch with critical members of the care team, and is now reaping the rewards. Communicating with mobile workers and field staff is convenient, fast and easy via Smartphones; whether they are owned by an employee under a BYOD scheme, or provided by employers. However, ensuring communications remain HIPAA-compliant is difficult. PHI cannot be transmitted via insecure channels, meaning standard communication methods available through mobile devices cannot be used. If PHI is to be transmitted via an insecure channel, HIPAA requires the data to first be encrypted. To ensure remote workers do not inadvertently violate HIPAA Rules by using insecure channels to communicate PHI, HIPAA –covered entities should consider using a HIPAA-compliant text message platform that will allow the transmission of...

Read More
Indiana Court Upholds $1.44M HIPAA Privacy Breach Award
Nov14

Indiana Court Upholds $1.44M HIPAA Privacy Breach Award

Walgreen Co. has lost an appeal against the $1.44 million award for damages it was ordered to pay after a HIPAA Privacy Rule breach resulted in confidential patient PHI being shared with unauthorized individuals. This is the first time that the action of an employee has resulted in a healthcare provider being held liable for a violation of the Health Insurance Portability and Accountability Act. The Indiana appellate court decision could well set a legal precedent in cases where employees have violated HIPAA regulations and sensitive patient data has been shared with third parties. Walgreen Co. v. Abigail E. Hinchy In July 2013, a Marion Superior Court jury awarded $1.44M in damages to Abigail Hinchy after a Walgreen pharmacist shared PHI with a third party about a client who had dated her husband. A pharmacist at Walgreens at 6269 W. 38th St. in Indianapolis improperly accessed Hinchy’s prescription history. Hinchy had once dated her husband and had his child and the pharmacist knowingly accessed her prescription history and personal information and divulged that information. The...

Read More

Importance of Encryption for HIPAA Compliant Organizations

Recent cyberattacks on big corporations have demonstrated that no company is safe from cybercriminals. Individuals and groups of hackers will take advantage of easy targets, and even well known companies with considerable resources to allocate to cybersecurity have suffered highly damaging attacks. The security breach at Target in November 2013 cost the company the sum of $148 million. Investment in data encryption and other cybersecurity measures can therefore be considered money exceptionally well spent. Private and confidential data must be kept secure and one of the easiest methods to use is data encryption. Encrypted data is scrambled and indecipherable to unauthorized users. The theft of a device containing an encrypted database means loss of equipment not loss of data and the fines and lawsuits which that entails. Data Encryption Options It is possible to encrypt data stored on servers, hard drives, PCs and other devices but also of vital importance to secure data in transit between devices and over the internet to prevent interception. Encryption can be used for...

Read More

Congress Asked by Mobile Health App Industry to Amend HIPAA

Software companies and mobile phone application developers are concerned about HIPAA regulations and many believe the legislation is hampering innovation. The industry accepts the need for strict controls to ensure data is recorded, stored and transmitted securely, but that there is some way to go to strike a good balance between data security and product development. The App Association represents mobile phone app developers, with the organization communicating its concerns this month in a letter to congress. The letter was sent to U.S. Representative Thomas Marino (R-PA) who has already made an effort to help remove some of the barriers faced by the mHealth industry and mobile App developers. The mobile phone app industry is reportedly worth an estimated $68 billion and the App Association represents some 5000 members. It has voiced concern about key areas which require federal government intervention and has requested that regulations be updated to allow mobile health apps to be developed and for growth to be promoted in the sector. Several innovative applications have been...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist