Publications

Books

Information Security in Healthcare: Building a Security Program
Tom Walsh and Terrell W. Herzig, Health Information and Management Systems Society (HIMSS), 2013

Information Security in Healthcare: Managing Risk
Tom Walsh and Terrell W. Herzig, Health Information and Management Systems Society (HIMSS), 2010

Medical Records Disaster Planning – A Health Information Manager’s Survival Guide
Tom Walsh, Bonnie C. Sher, and Gary Roselle M.D., American Health Information Management Association (AHIMA), 2008

Handbook for HIPAA Security Implementation
Tom Walsh and Margret Amatayakul, American Medical Association (AMA), 2003

 

Articles

Why the HIPAA Security Rule Needs a Refresh, Tom Walsh, CISSP (HealthTechMagazine.Net, Spring 2020

View Article – Why the HIPAA Security Rule Needs a Refresh

Protecting Student Data is Your Obligation – What is your school’s GPA?, Joe Gillespie, MHS, RHIA, CHPS

View Article/whitepaper – Protecting Student Data is Your Obligation

The Privacy and Security of Occupational Health Records, acknowledgment Joe Gillespie, MHS, RHIA, CHPS

View AHIMA Practice Brief

Avoid Pain After a Breach – Read the Fine Print, Joe Gillespie, MHS, RHIA, CHPS and Susan Lucci, RHIA, CHPS, CHDS, AHDI-F
(Journal of AHIMA, Volume 90, Number 6, American Health Information Management Association, June 2019)
http://library.ahima.org/doc?oid= 302753#.XPWlJ4hKiUk

Editor’s Note – Lee DeOrio, with Susan Lucci, senior privacy/security consultant at tw-Security and an editorial advisory board member
(For The Record, Volume 31, No. 4 P. 3, Great Valley Publishing Company, April 2019)
https://www.fortherecordmag.com/archives/0119p6.shtml

Data Breaches: Insights Into a Pervasive Problem, coauthored with Keith Fricke, MBA, CISSP, PMP, and Susan Lucci, RHIA, CHPS, CHDS, AHDI-F
(For the Record, Volume 31, No. 1, P. 6, Great Valley Publishing Company, January 2019)
https://www.fortherecordmag.com/archives/0119p6.shtml

Cybersecurity 101, Susan Lucci, RHIA, CHPS, CHDS, AHDI-F
(Journal of AHIMA, Volume 86, Number 11, American Health Information Management Association, November 1, 2015)
http://library.ahima.org/doc?oid=107795#.VykAl4QrIkU

Changing Face of Disaster Recovery, Tom Walsh, CISSP and Susan Lucci, RHIA, CHPS, CHDS, AHDI-F
(For the Record, Volume 27, Number 10 [cover story], Great Valley Publishing Company, October 1, 2015)
http://viewer.zmags.com/publication/0277fb6d#/0277fb6d/1 

 

Podcasts

Keeping Incident Response Plans Current Mark Dill, former CISO at Cleveland Clinic, Shares Best Practices (2019-02-12)

Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current. “I’m still not seeing a lot of [incident response] playbooks in cyberspace where you have previously thought out how you analyze and report the incident,” he says in an interview with Information Security Media Group at the HIMSS19 conference in Orlando. LISTEN TO PODCAST


HIPAA Security Rule Turns 20: It’s Time for a Facelift (2018-08-13)

As the HIPAA security rule turns 20, it’s time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that’s happened over the past two decades, says security expert Tom Walsh. LISTEN TO PODCAST


Why the HIPAA Security Rule Needs Updating (2016-12-21)

Security Expert Tom Walsh on the Changing Threat Landscape  LISTEN TO PODCAST


Essential Traits of Successful CISOs (2016-01-06)

Former Cleveland Clinic CISO Mark Dill Offers Career Advice LISTEN TO PODCAST