It all started in 2003…
when Tom Walsh founded Tom Walsh Consulting, LLC.
His goal was to build a healthcare IT security and privacy consulting firm founded on the Certified Information Systems Security Professional (CISSP) Code of Ethics. The Code commits the professional to “act honorably, honestly, justly, responsibly, and legally for the benefit of society, the customer, and the IT profession.”
Known for his energetic style, Tom conducted multiple HIPAA programs – remember T.E.A? Training, Education, and Awareness. He became well known as a public speaker throughout the state of Kansas and nationally, spreading the “HIPAA mission”. “One of my greatest honors occurred when HIMSS asked me to be one of the “Views from the Top” speakers at the 2003 HIMSS Annual conference”.
HIMSS: What advice would you give professionals just entering the healthcare or IT field?
Walsh: “People, process, and technology – in that order.” I got this from the IT Infrastructure Library (ITIL). But it is the mantra I use when advising clients. Security and privacy are important, but the primary mission is the care of patients. IT needs to support the mission by making it easier for caregivers to do their job rather than constructing barriers. Just remember—if your loved one is in a hospital bed in critical condition, waiting for the lab results or the orders of a specialist – security and privacy become a lower priority.
Anyone who is new in healthcare IT needs to spend at least a half-day just observing what goes on in the clinical care areas. It will change his or her perspective on their job in IT. It will give them a bigger picture. As the old saying goes, “Are you laying bricks, or building a cathedral?”
Another primary goal in building his business: to provide cost-effective solutions using proven methodologies and tools that prioritize real-world risks. Customers saw the benefits of this approach, and the business grew rapidly through word-of-mouth referrals.
In 2013 the firm was restructured as tw-Security, LLC. tw-Security is dedicated solely to helping healthcare organizations (covered entities and business associates) protect their information resources. Today, tw-Security enjoys a reputation for providing affordable, deliverable-oriented services that equal those of much larger consulting firms. In response to a growing demand for his services, Tom has recruited a team of former Chief Information Security Officers (CISOs) and Privacy Officers. A qualifying criterion was large healthcare system expertise and an understanding of how to scale solutions for small hospitals. Consultants who join the tw-Security team share his commitment to quality and customer service. The team is sought after for its expert perspective on current cybersecurity, data privacy, and compliance trends and issues by industry organizations and the media.
In January 2020, an impartial healthcare research firm announced cybersecurity advisory vendors’ rankings across multiple customer experience pillars. tw-Security came in second, scoring 95, narrowly missing the top spot by two tenths. Representing validated customer experience data, we received an A-plus rank in loyalty (would buy again, overall satisfaction, and likely to recommend). We also received A-grades in operations, relationship, and value, and an A-minus in services. The services we do provide – we do meticulously well!
We’ve served over 185 healthcare customers since 2003.
tw-Security serves a diverse customer base; covered entities, business associates, professional organizations, managed service firms, and legal firms as expert witnesses.
- Academic medical centers
- Community-based hospitals
- Integrated delivery networks and their outpatient entities
- Critical access hospitals (<25 beds)
- Long term care
- Specialty hospitals
- Physician practices
- Healthcare insurance – Payer
- Health management networks
- Community affiliated management organizations
- Application vendors
- Life sciences/pharma
- Mobile health vendors
- Predictive analytic solution providers
- Professional service consulting firms
- Revenue cycle service providers
- Technology infrastructure service providers
- Cloud-based vendors