25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Colorado Behavioral Health Patients Advised of HIPAA Breach

A recent postcard mailing by the Colorado Department of Health Care Policy and Financing has, albeit accidentally, disclosed protected health information on patients and is in breach of HIPAA regulations. The breach has now been made public and the patients concerned have been notified by mail. The HIPAA breach was due to a survey being mailed to approximately 15,000 patients, each of whom had received treatment through Medicaid or the Office of Behavioral Health belonging to the Department of Human Services. The HIPAA violation was not due to social security numbers and addresses being listed in the communication or any other information which could potentially be used by thieves or fraudsters. The HIPAA violation was for using a postcard rather than a sealed envelope for the survey. By using a postcard the name and the address of the recipient was clearly visible, while the survey identified them as being behavioral services patients. The survey contained questions about the behavioral health care services they had received and someone other than the intended recipient could...

Read More
HIPAA and Healthcare Data Compliance
Oct14

HIPAA and Healthcare Data Compliance

Access to healthcare can be considered a basic human right, although many counties have different views on the services that are provided by the state, and to whom. Privacy is also important and can also be considered a basic human right, with the rights of individuals showing just as much variation. In the UK, British citizens have access to the National Health Service. Formed in 1948, the NHS provides universal healthcare to all but there is no common law right to privacy, although privacy issues can usually be resolved in court. Across the Atlantic in the United States, privacy laws affect how doctors can operate. If they want to assess how effective treatments are across the country for the treatment of a particular disease, privacy laws prevent them from having automatic access to data from any patient who is not their own. This is a problem, as sharing of patient data enables doctors to gain a better understanding of the treatments that are working the best. A way around this is for doctors to share some of their patient data using a service such as Sharepoint. Data can be...

Read More
Data Breaches Prompt Change in Florida Law
Oct14

Data Breaches Prompt Change in Florida Law

A new state law has been passed to give Florida residents greater protection by ensuring both private companies and government agencies store electronic data securely. The recent spate of cyber attacks and HIPAA breaches have highlighted the fact that consumers now face a very real threat and that their personal and confidential data could fall into the hands of criminals. The elevated risk has prompted Florida to draft new legislation to better protect its residents and in July of this year the Florida Information Protection Act of 2014 (FIPA) came into force. The new FIPA act is similar to the Health Insurance Portability and Accountability Act of 1996. The legislation has been introduced to protect the privacy of consumers and to hold offenders accountable for data breaches. The Attorney General’s Office also wants rapid action following a data breach to limit the harm, damage and loss caused. By sending notifications to victims promptly they are able to take action to protect their identities and prevent further loss or damage. Under FIPA, organizations must take...

Read More
HIPAA Breach Report: July 2014
Oct13

HIPAA Breach Report: July 2014

July 2014 HIPAA Breach Summary: The HIPAA Breach Notification Rule demands that Healthcare providers, health plans healthcare clearinghouses and BAs report data breaches involving more than 500 individuals to the Office for Civil Rights of the HHS within sixty days of discovery of the breach. This report contains a summary of the breaches reported to the OCR during the month of July, 2014. Major HIPAA Breaches in July 2014 A number of large scale HIPAA breaches were reported to the Office for Civil Rights in July, exposing more patient records than in any other month since January this year. The data breach at the Montana Department of Public Health and Human Services (MT) is the largest reported HIPAA breach of the year, exposing 1,062,509 records. This is almost as many records as were exposed in the HIPAA breaches at Horizon Healthcare Services, Inc., (January) and Sutherland Healthcare Solutions (May) combined. Human error was cited as the reason for a data breach at St. Vincent Hospital and Health Care Center, Inc. (IN) after 63,325 individuals received a mailing in which...

Read More
Community Health Systems HIPAA Breach Lawsuits Mount
Oct13

Community Health Systems HIPAA Breach Lawsuits Mount

The data breach at Community Health Systems which was reported in August was the second largest in history, with 4.5 million records potentially accessed by a suspected group of Chinese hackers. The successful attack and data theft has left millions of patients potentially exposed and at risk of identity theft and financial loss. The data accessed included personal information such as names, addresses, social security numbers and date of births; information the thieves can use to create fake documents and run up huge debts. The HIPAA breach has understandably resulted in legal action being taken against CHS by some of the victims, with at least two class action lawsuits now filed against the healthcare provider and operator of 206 nationwide hospitals.   A class action lawsuit has been filed by firms Slack & Davis and Branch Law Firm with Briana Brito named as the class representative. A second class action suit has been filed on behalf of 5 Alabama residents (and all others affected). Specific dollar amounts have not been stipulated and are being left to the courts to decide....

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist