25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

2014 Likely to See Surge in HIPAA Data Breaches

A new report released by the Experian credit bureau predicts that 2014 is likely to be a major year for data breaches, with a surge in numbers expected over the course of the year. The report also predicts the healthcare industry will be hit hard. The report says that the reason healthcare is so susceptible to attack is the sheer size of the industry. There is what the report calls an “expanded attack surface for breaches,” due to new EHRs and Health Insurance Exchanges (HIEs), while the value and volume of data held hakes healthcare providers attractive targets for cyber criminals. Experian offers credit monitoring services, but also assists customers to recover from data breaches. The company indicated that 46% of data breaches that it dealt with last year were from the healthcare industry. The report cites a number of reasons why data breaches are expected to rise, and indicates it is mainly due to the huge organizational infrastructure changes that are required under the Affordable Care Act, HIPAA, HITECH and other legislation together with general unpreparedness, a huge number...

Read More

Horizon Blue Cross Blue Shield Announces 840K HIPAA Breach

The theft of two laptops from the Newark headquarters of New Jersey’s largest health insurer – Horizon Blue Cross Blue Shield – has potentially resulted in the health data of almost 840,000 individuals being exposed. The two devices were stolen from its offices on the eighth floor of 3 Penn Plaza at some point over the weekend of 1-3 Nov, 2013. The theft was discovered on Monday Nov 4, when employees returned to work and the theft was immediately reported to the police. In accordance with the Health Insurance Portability and Accountability Act, Blue Cross Blue Shield had implemented physical controls to secure the two Apple MacBook Pros, which were locked with security cables to employee’s workstations. The cable locks were reported to have been tampered with and had been damaged allowing the laptops to be stolen. HIPAA also demands healthcare providers implement the appropriate technical safeguards to keep health data secure. While the devices were protected by passwords, they contained unencrypted Protected Health Information which breaches HIPAA Privacy and Security...

Read More

University of Washington Medicine Notifies 90K Patients of Potential HIPAA Breach

An October security breach potentially exposed personal information and Social Security numbers of 90,000 patients of the University of Washington Medicine (UW Medicine) according to a recent breach announcement issued by the healthcare provider. The breach was caused when a malware infection took control of an employee’s computer after an infected E-mail attachment was opened. While the incident is not believed to be a targeted attack, the malware potentially could have accessed Protected Health Data and personal identifiers stored on the computer and given hackers access to that data. Affected individuals had previously received medical services at UW Medicine’s Harbourview Medical Center and/or its Washington Medical Center. The data compromised includes patient names, addresses and phone numbers as well as dates of birth and social security numbers. Clinical data was also stored on the computer and details of treatments received could also potentially have been accessed. The breach was identified promptly and the malware was only active for a day, and given the fact that this...

Read More

Employee Snooping is the Most Common Cause of HIPAA Security Breaches

The theft of mobile devices may result in the largest exposures of Protected Health Information; however the most common cause of HIPAA security breaches is small scale snooping by employees, according to a study conducted by Veriphyr Identity and Access Intelligence. The study asked healthcare providers about the security breaches their organizations had suffered, with 70% of the survey respondents claiming to have experienced at least one security breach. 35% of those respondents attributed the breaches to unauthorized access by employees. Snooping was the largest single cause of exposure of patient health information according to the survey with 27% of having experienced a breach when an employee viewed medical records of friends and family, while 35% occurred when employees checked the medical records of their work colleagues. The survey was conducted on medium to large healthcare organizations; however there is no reason to suggest that small healthcare organizations do not suffer data breaches of a similar nature. Employee Snooping is a HIPAA Violation Unauthorized accessing...

Read More

Data Issue Arises From Home Diabetes Test

On 26th September, Lori Stein visited Cotton-O’Neil Diabetes and Endocrinology Center in Topeka and met with an endocrinologist for a checkup. Lori Stein´s checkup was routine to monitor her diabetes, but during her consultation she asked if she could have a home test glucometer. A nurse brought her a sample glucometer and some test strips and handed her two boxes. When she returned home she noticed a slip of paper between the boxes and started to read it thinking it was a print out of her consultation. The page contained data on her health conditions and listed her as suffering from severe obesity, which was incorrect. She also noticed other diagnoses and treatments which she had not had and when she read the page more closely she noticed the patient details written at the top of the page were not her own and that she had been given the page by mistake. The data printed at the top of the page included the patients name, address, medical diagnoses, treatment details and general information such as age, height, weight and allergies suffered. Since Lori had previously been a...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist