25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Greater Pittsburgh Orthopedic Associates Data Breach Affects Almost 57,000 Individuals
Feb24

Greater Pittsburgh Orthopedic Associates Data Breach Affects Almost 57,000 Individuals

Greater Pittsburgh Orthopedic Associates has experienced a ransomware attack that has affected almost 57,000 individuals. Data breaches have also been announced by Triad Radiology Associates in North Carolina and North East Medical Services in California. Greater Pittsburgh Orthopedic Associates, Pennsylvania Greater Pittsburgh Orthopedic Associates in Pennsylvania has recently reported a data breach to the Maine Attorney General involving unauthorized access to the personal and protected health information of up to 56,954 individuals, including 3 Maine residents. According to the notice, anomalous network activity was identified on August 10, 2025. Incident response protocols were initiated, and third-party cybersecurity experts were engaged to assist with the investigation, help secure its IT environment, and harden security. The investigation confirmed that patient data was exposed in the incident, and the review of that data has recently been completed. The exposed data elements vary from individual to individual and may include names in combination with one or more of the...

Read More
Vikor Scientific Affected by Ransomware Attack on Revenue Cycle Management Vendor
Feb23

Vikor Scientific Affected by Ransomware Attack on Revenue Cycle Management Vendor

Vikor Scientific (now rebranded as Vanta Diagnostics), a molecular diagnostics company based in Charleston, South Carolina, has been affected by a security incident at one of its vendors – the revenue cycle management company, Catalyst RCM. The breach also affected the Vikor Scientific-owned molecular testing laboratory KorGene,  and KorPath, a Tampa, Florida-based anatomical pathology lab, which partners with Vanta Diagnostics. Vikor Scientific has reported the data breach to the HHS’ Office for Civil Rights as involving the electronic protected health information (ePHI) of 139,964 individuals. Catalyst RCM has published a substitute breach notice on its website and is issuing notification letters to the affected individuals on behalf of its affected HIPAA-covered entity clients. While it is ultimately the responsibility of each affected HIPAA-covered entity to issue notification letters when there has been a data breach at a vendor, the notification responsibilities are often delegated to the vendor. In the breach notice, Catalyst RCM explains that suspicious activity was...

Read More
VA OIG Identifies Security Deficiencies in Audit of VA Spokane Healthcare System
Feb23

VA OIG Identifies Security Deficiencies in Audit of VA Spokane Healthcare System

An audit of the Department of Veterans’ Affairs Spokane Healthcare System in Washington state by the Department of Veterans Affairs Office of Inspector General (VA OIG) identified deficiencies in all three control areas inspected: configuration management, security management, and access controls. The audit was conducted on the Mann-Grandstaff VA Medical Center between January 29 and February 6, 2025, which has approximately 1,300 employees and provided care to 27,000 patients in fiscal year 2024. There were several instances where staff failed to remediate critical and high-severity vulnerabilities within the 60-day time frame stipulated by the VA, and in some cases had failed to develop the required action plans to remediate those vulnerabilities within that time frame. VA OIG also identified systems that were running unsupported software, and several devices were identified that had not been configured to VA-approved security baselines. These deficiencies increased the risk of unauthorized access and operational disruption, especially the failure to meet the security baselines...

Read More
Senators Demand Answers from Labor Secretary on Decline in OSHA Safety & Health Enforcement
Feb23

Senators Demand Answers from Labor Secretary on Decline in OSHA Safety & Health Enforcement

Six Democratic Senators have written to the United States Secretary of Labor, Lori Chavez-DeReme, demanding answers about an apparent rollback of safety rules and reduced oversight of workplace safety and health. Senators Elizabeth Warren (D-MA), Angela Alsobrooks (D-MD), Tammy Baldwin (D-IL), Richard Blumenthal (D-CT), Alex Padilla (D-CA), and Ron Wyden (OR) questioned whether the Trump administration is discouraging the enforcement of workplace safety laws, and whether the sharp reduction in inspections and penalties is a precursor to the elimination of key safety regulations that were established to keep American workers safe. Sen. Warren was confidentially provided with data that shows a 20% reduction in workplace inspections by the Department of Labor’s Occupational Safety and Health Administration (OSHA) between April 2025 and September 2025, compared to the corresponding period the previous year. The data also show a 42% reduction in inspections with citations for willful violations. While there may have been improvements to workplace safety, resulting in fewer citations for...

Read More
Interview: Hoala Greevy, Founder & CEO, Paubox
Feb23

Interview: Hoala Greevy, Founder & CEO, Paubox

The HIPAA Journal has spoken with Paubox founder and CEO, Hoala Greevy to find out more about their work and experiences with HIPAA. Tell the readers about your career in the healthcare industry My journey in healthcare began in 2014, following a lunch meeting with Siana Austin Hunt, who was CEO of the Make-A-Wish Foundation of Hawaii at the time. She explained a business problem to me and after some thought, I decided to do something about it. From there we built a seamless email encryption solution that became Paubox. What was your first position? My first job out of college was working for an email company in San Francisco in 1999. I’ve been doing email ever since. What is your current position? I’m the Founder and CEO of Paubox. What are the main challenges in your position? Communicating the mission, vision, and future direction of Paubox to staff, investors, and customers. I’ve found in my role, there is no such thing as over-communicating. Tell the readers about any significant event in your career. During my first semester taking computer science courses...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist