25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Steve Alder

Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

What is the Relationship Between HITECH, HIPAA, and Electronic Health and Medical Records?
Jan13

What is the Relationship Between HITECH, HIPAA, and Electronic Health and Medical Records?

The relationship between HITECH, HIPAA, and electronic health and medical records is primarily that certain provisions of the HITECH Act amended HIPAA to support the Meaningful Use of electronic health and medical record adoption. A second relationship between HITECH, HIPAA and electronic health and medical records is that HITECH was responsible for introducing the Breach Notification Rule into HIPAA, which changed the burden of proof for demonstrating the harm had occurred/not occurred following a breach of unsecured PHI. What is the Relationship Between HITECH and HIPAA and Medical Records? There is a strong relationship between HITECH and HIPAA as Title II of HIPAA includes the administrative simplification provisions that led to the development of the Privacy and Security Rules, while one of the main aims of the HITECH Act was to encourage the adoption of electronic health and medical records by creating financial incentives for making the transition from paper to digital records. In order to enable the increased adoption of electronic health and medical records and keep the...

Read More
What is Protected Health Information?
Jan13

What is Protected Health Information?

Protected Health Information is an individual’s health, treatment, or payment for treatment information – and certain information maintained in the same data set that could identify the individual – when the information is maintained or transmitted by an organization covered by HIPAA. What is protected health Information is a question many sources struggle to answer successfully due to complicated definitions in the HIPAA Administrative Simplification provisions. This article provides you with the full and correct definition of Protected Health Information. You can also use our free Protected Health Information Guide to learn how to safeguard your organization’s PHI. The HIPAA Administrative Simplification provisions (45 CFR Parts 160,162, and 164) are intentionally “flexible” because they have to relate to the activities of different types of health plans, health care clearinghouses, qualifying healthcare providers (collectively known as “covered entities”) and third party service providers to covered entities (collectively known as “business associates”)....

Read More
How to Make Microsoft Office 365 HIPAA Compliant
Jan12

How to Make Microsoft Office 365 HIPAA Compliant

Microsoft Office is not HIPAA compliant by default and it is not sufficient to simply agree to the terms of Microsoft’s Business Associate Agreement (BAA) to make Microsoft Office 365 HIPAA compliant. The actual process of making Microsoft Office 365 HIPAA compliant (or any software solution) is more complicated than many covered entities and business associates appreciate – potentially resulting in HIPAA compliance failures and avoidable data breaches. Why Microsoft Office HIPAA Compliance is Complicated The reason Microsoft Office HIPAA compliance is complicated is that it is not the technology that determines HIPAA compliance, but how the technology is used to mitigate threats and hazards to the confidentiality, integrity, and availability of Protected Health Information (PHI). Without first identifying what threats and hazards exist, it is impossible to determine which Microsoft Office 365 plan is appropriate for an organization’s requirements. Before evaluating Microsoft Office 365 plans, covered entities and business associates should conduct a HIPAA risk assessment. The...

Read More
What is a HIPAA Compliant Home Office?
Jan12

What is a HIPAA Compliant Home Office?

A HIPAA compliant home office is a working environment set up to support HIPAA compliance and safeguard the privacy and security of Protected Health Information when a covered entity, business associate, or a member of either’s workforce works from home. Because of the different functions that can be performed from – and services that can be provided by – a home office, the requirements for HIPAA compliance can vary considerably. What is a Home Office in Healthcare? Although a home office is most often considered to be a remote working environment “in a location other than an employer’s central workplace”, a home office in healthcare could be the main working environment for a solo healthcare practitioner, a part-time employee of a covered entity, or a home business that provides medical transcription services as a business associate. Regardless of whether a home office is a remote or a main working environment, is used full-time or part-time, or by an individual or a team, a home office has to be set up to comply with HIPAA whenever the function being performed in – or...

Read More
HIPAA Training for Dental Offices
Jan12

HIPAA Training for Dental Offices

HIPAA training for dental offices consists of the same Privacy Rule and Security Rule training as required by other healthcare facilities, with additional considerations for multi-tasking employees, state licensing requirements, and the disposition of clients attending dental offices. Despite these additional considerations, it is important that the basics of HIPAA are still included in HIPAA training programs for dental office employees. As most dental offices are required to comply with state and federal e-prescribing regulations, most dental offices automatically qualify as HIPAA Covered Entities because they process HIPAA-covered transactions electronically. Consequently, all members of a dental office´s workforce are required to comply with applicable provisions of the HIPAA Privacy Rule, HIPAA Security Rule, and HIPAA Breach Notification Rule. In order for all members of the workforce to comply with the HIPAA Rules, it is important for employees to know what the Rules are and how they apply in day-to-day duties. Therefore, dental offices should provide training on the...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist