25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

HIPAA Breach Report: April 2014
Jul03

HIPAA Breach Report: April 2014

April 2014 HIPAA Breach Summary: The Breach Notification Rule of the Health Insurance Portability and Accountability Act requires all covered entities, and their Business Associates via their covered entity, to report all data breaches affecting more than 500 individuals to the Department of Health and Human Services’ Office for Civil Rights (OCR). These breaches must be reported with 60 days of the discovery of the breach. This report contains a summary of the breaches which have been reported to the OCR during the month of April, 2014. Major HIPAA Breaches in April 2014 April saw the highest number of monthly HIPAA breaches reported for the year – and the most breaches during the past 6 months – with numerous incidents reported including a major data breach at the Indian Health Service (MD) after a laptop containing unencrypted PHI resulted in the potential disclosure of 214,000 individual records. The second largest breach affected Business Associate, Amerigroup Texas, Inc. (VA), which reported the theft of paper records of 75,026 individuals while the health plan, American...

Read More

OCR Tasks Jocelyn Samuels with HIPAA Enforcement

A new director has been appointed to take over the helm of the Office for Civil Rights of the Department of Health and Human Services following the departure of its director, Leon Rodriguez. An email was recently sent to all staff at the agency confirming that the position has been accepted by Jocelyn Samuels. According to an OCR spokesperson, “Leon is in the process of planning his departure, and we look forward to Jocelyn joining us here at OCR in the near future.” A date has not yet been announced when Samuels will take over at the OCR. Rodriguez has served as Director since September 2011 and has played an important role in the development of the OCR audit program. He was also committed to increasing the scope of the audits and policing HIPAA more rigorously. He was confirmed as having been accepted for the position of U.S. Citizenship and Immigration Services at the Department of Homeland Security on June 24, after the senate agreed to his appointment. Jocelyn Samuels is due to vacate her position as acting assistant attorney general in the civil rights department, where...

Read More
PriceWaterhouseCoopers Report on HIPAA Compliance
Jun30

PriceWaterhouseCoopers Report on HIPAA Compliance

The state of HIPAA compliance in the US has been assessed by PriceWaterhouseCoopers, following a survey conducted this summer. A report on the survey findings has now been issued with the results indicating that HIPAA compliance is often not being given the importance it requires. Healthcare Chief Compliance Officers are often part time positions while 43% of respondents claimed they “are responsible for other functions and those other duties and responsibilities generally took precedence over compliance.” There was also a feeling that more could be done to improve compliance and to raise its perception and profile within organizations. Compliance clearly is not forefront in the minds of all senior leaders and board members when decisions are made relating to day to day operations or even for strategic planning. Since compliance is not a profit making activity, it is essential for CCOs to convince board members of the value to be had from introducing and running a compliance program. One problem raised was the fact that budgetary constraints are hampering compliance efforts. Ten...

Read More

OCR Submits HIPAA PHI Breach Reports To Congress

In accordance with HITECH, the Health and Human Services Office for Civil Rights has submitted its annual reports to congress detailing the Breaches of Unsecured Protected Health Information it was notified of during 2011/2012. The report shows that 98% of victims of PHI data breaches involving over 500 individuals have come from 1% of recorded breaches. The large scale data breaches caused by these security lapses and targeted attacks are affecting millions of Americans. The total count of victims has now risen to 32 million and the total number of recorded HIPAA data breaches is about to reach the 100 mark. The report highlighted the state of HIPAA compliance and clearly showed that healthcare organizations are failing to take the required actions to protect patient data and keep PHI private and confidential. Over the course of the past 12 months there have been record fines issued for security breaches and violations of HIPAA procedures and HHS Chief Regional Civil Rights Counsel Jerome Meites has predicted “a huge spike in the fines from violations” over the coming months. In...

Read More
Central City Concern Announces Employee HIPAA Breach
Jun26

Central City Concern Announces Employee HIPAA Breach

Another case of employee theft of PHI has been reported, this time by Oregon-based Central City Concern (CCC) where a former employee viewed and copied data from at least 15 individuals registered in CCC’s Employment Access Center Program. This information included data covered under HIPAA in some if not all cases. The non-profit organization was advised of the theft on April 3, 2014. However, according to a recent report made to the Department of Health and Human Services’ Office for Civil Rights, a recent breach involving unauthorized access/disclosure is listed as having occurred between March 23, 2010 and May 24, 2013, with that incident exposing 17,914 records. The breach was reported to the OCR on May 19, 2014. It is not clear at this stage whether these two incidents are the same as there is no requirement for a breach report involving 15 individuals to be filed with the OCR for a period of 12 months. Since this is the only breach listed, it is reasonable to assume that this may be the same incident, with the initial estimate of victims being drastically underestimated....

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist