A Tribute to Terrell W. Herzig, Chapter 1: The Importance of Information Security in Healthcare, Chapter 2: Information Security Frameworks, Chapter 3: Information Security Planning, Chapter 4: Risk Analysis, Chapter 5: Senior Management Oversight and Involvement, Chapter 6: Information Security Regulations, Chapter 7: Security Policy Development, Chapter 8: The Concept of Security Controls Chapter 9: Access Control, Chapter 10: Network Security, Chapter 11: Use of Encryption, Chapter 12: Managing Mobile Devices, Chapter 13: Application Security, Chapter 14: Information Security Operations, Chapter 15: Security Considerations in Technology Contracting, Chapter 16: Business Continuity and Disaster Recovery, Chapter 17: Change Control and Change Management, Chapter 18: Testing Your Technical Controls, Chapter 19: Auditing Your Program, Chapter 20: Incident Handling, Chapter 21: Information Systems Implementation

Terrell W. Herzig, MSHI, CISSP, was Information Security Officer of the University of Alabama at Birmingham (UAB) Health System, the UAB HIPAA Security Officer, and an adjunct professor of Health Informatics at the UAB. Mr. Herzig taught graduate courses in Information Engineering, Programming, Computer Networks, and Information Security in the UAB School of Health Professions. Tom Walsh, CISSP, has partnered with Brian Evans, CISSP, CISM, CISA, CGEIT, to assist healthcare organizations throughout the country with building regulatory compliant information security programs.