25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

Dental Care Alliance Data Breach Impacts More Than 1 Million Patients

Sarasota, FL-based Dental Care Alliance, LLC, a dental support organization with more than 320 affiliated dental practices across 20 states, has been hacked and the protected health information of more than a million individuals has potentially been compromised. The breach occurred on September 18, 2020, was detected on October 11, and was contained on October 13. A breach notification submitted to the Maine Attorney General’s office indicates some patient information was acquired by the hackers, such as patient names in combination with financial account numbers, although Dental Care Alliance said only around 10% of the affected individuals had their financial account number exposed. For the majority of individuals affected by the breach, the information potentially compromised was limited to names, addresses, diagnoses, treatment information, patient account numbers, billing information, dentists’ names, and health insurance information. Dental Care Alliance said it acted quickly when the breach was discovered to secure its systems to prevent any further unauthorized...

Read More

Six More Healthcare Providers Impacted by Ransomware Attacks

GBMC HealthCare in Maryland, Golden Gate Regional Center in California, and Dyras Dental in Michigan have recently suffered ransomware attacks and Allegheny Health Network, AMITA Health, and Bayhealth have announced they have been affected by the ransomware attack on Blackbaud Inc. GBMC HealthCare Towson, MD-based GBMC HealthCare has announced it suffered a ransomware attack on December 6, 2020 that forced its computer systems offline and the healthcare provider is now operating under EHR downtime procedures while the attack is mitigated.  GBMC HealthCare had planned for such an attack and had processes in place to ensure care could continue to be provided to patients while keeping disruption to a minimum. Safe and effective care continues to be provided to patients and its emergency department did not stop receiving patients; however, some elective procedures scheduled for Monday 7, December were postponed. Efforts are underway to bring systems back online and restore the encrypted data and law enforcement has been notified and is investigating the attack. The Egregor ransomware...

Read More

Critical Vulnerabilities Identified in More Than 100 GE Healthcare Imaging and Ultrasound Products

Two critical severity vulnerabilities have been identified in GE Healthcare medical imaging devices that allow remote code execution and access/alteration of sensitive patient data. The vulnerabilities affect GE Healthcare’s proprietary management software and impact more than 100 GE Healthcare imaging devices including MRI, Ultrasound, Advanced Visualization, Interventional, X-Ray, Mammography, Computed Tomography, Nuclear Medicine and PET/CT devices. Affected GE Healthcare Products Device Product Families MRI Brivo, Optima, Signa Ultrasound EchoPAC, Image Vault, LOGIQ, Vivid, Voluson Advanced Visualization AW Interventional Innova, Optima X-Ray AMX, Brivo, Definium, Discovery, Optima, Precision Mammography Seno, Senographe Pristina Computed Tomography BrightSpeed, Brivo, Discovery, Frontier LightSpeed, Optima, Revolution Nuclear Medicine, PET/CT Brivo, Discovery, Infinia Optima, PET Discovery, PETtrace, Ventri, Xeleris The vulnerabilities were identified by Lior Bar Yosef and Elad Luz of CyberMDX who reported them to GE Healthcare in May 2020. CyberMDX has dubbed the flaws...

Read More
Webinar: How HIPAA-Compliant Messaging Transforms Healthcare
Dec09

Webinar: How HIPAA-Compliant Messaging Transforms Healthcare

Data show 70% of delays in providing treatment to patients is due to miscommunication, so resolving the problems that result in miscommunication in healthcare is key to improving quality of care, clinical outcomes, and the patient experience. One of the biggest contributory factors to miscommunication is the use of outdated communications systems, which has long been a problem in healthcare. Fortunately, there is a solution that has been shown to greatly improve communication efficiency and reduce the potential for errors and miscommunication – a secure texting platform. To find out more about secure, HIPAA-compliant messaging and how it can make care teams immediately more efficient and effective, we invite you to join this upcoming webinar. During the webinar you will discover how this single change can lead to major improvements in collaboration, save valuable time, decrease costs, and lead to happier staff and patients. The webinar is being hosted by TigerConnect, the leading secure healthcare messaging provider, and will take place on Wednesday, December 9 at 10 a.m. PT / 1...

Read More

Insider Data Breaches Reported by Montefiore Medical Center and Mercy Health

Insider data breaches have been reported by Montefiore Medical Center and Mercy Health. Both incidents involved an employee accessing patient information when there was no legitimate work-related reason for doing so. Former Montefiore Medical Center Employee Accessed Patient Data for Billing Scam Montefiore Medical Center in New York City has discovered a former employee accessed patient information as part of a billing scam. Patient names, medical record numbers, and surgery dates were viewed and used to create invoices for unused surgical products, in connection with a vendor. Montefiore Medical Center discovered the fraud after the invoices had been paid and launched an investigation that revealed the former employee had accessed the information of approximately 4,000 patients without authorization between January 2018 and July 2020. Medical records, Social Security numbers, and financial information were not accessed, and the investigation has not uncovered any evidence to suggest patients or their insurance companies were defrauded. The fraud has been reported to law...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist