Course Description
Course Objectives
This class is based on the six HCISPP domains of the (ISC)² Common Body of Knowledge (CBK), ensuring students successfully prepare for the HCISPP exam and enhance their overall competencies in healthcare security and privacy.
Agenda
Agenda
1 - HEALTHCARE INDUSTRY
Healthcare Environment
Third-Part Relationships
Health Data Management Concepts
2 - REGULATORY ENVIRONMENT
Applicable Regulations
International Regulations and Controls
Internal Practices Compared to New Policies and Procedures
Compliance Frameworks
Risk-Based Decisions
Code of Conduct/Ethics in a Healthcare Information Environment
3 - PRIVACY AND SECURITY IN HEALTHCARE
Security Objectives/Attributes
General Security Definitions/Concepts
General Privacy Principles
The Relationship Between Privacy and Security
Disparate Nature of Sensitive Data and Handling Implications
Security and Privacy Terminology Specific to Healthcare
4 - INFORMATION GOVERNANCE AND RISK MANAGEMENT
Security and Privacy Governance
Risk Management Methodology
Information Risk Management Life Cycles
Risk Management Activities
5 - INFORMATION RISK ASSESSMENT
Risk Assessment
Procedures from Within Organization Risk Frameworks
Risk Assessment Consistent with Role in Organization
Efforts to Remediate Gaps
6 - THIRD-PARTY RISK MANAGEMENT
Definition of Third Parties in Healthcare Context
Third-Party Management Standards and Practices
Third-Party Assessments and Audits
Security/Privacy Events
Third-Party Connectivity
Third-Party Requirements (Internally and Externally)
Remediation Efforts
Audience
Who Should Attend
The intended audience for the HCISPP training program is professionals with practical healthcare experience, as well as a foundation in information security, privacy or risk. Typically speaking, HCISPP is ideal for those working in roles such as, but not limited to: Compliance officer Information security manager Privacy officer Compliance auditor Risk analyst Medical records supervisor Information technology manager Privacy and security consultant Health information manager Practice manager