The Official (ISC)² HCISPP training provides a comprehensive review of the knowledge required to implement, manage or assess the appropriate security and privacy controls of a healthcare organization. This training course will help students review and refresh their knowledge and identify areas they need to study for the HCISPP exam. This Course is taught by an (ISC)²-authorized instructor.
After completing this course, the student will be able to:
Conceptualize the diversity in the healthcare industry. To achieve this, learners will gain knowledge of the diverse types of healthcare organizations, types of technologies, how information and data flows and is managed, how data is exchanged, and the levels of protection required for that data.
Identify and describe the relevant legal and regulatory requirements regarding healthcare information. These requirements are necessary to ensure that the organization’s policies and procedures are in compliance and that all trans-border data exchange procedures are followed.
Describe security and privacy concept principles as they relate to the healthcare industry. Learners will be able to understand the relationship of security and privacy, and how to manage and handle all information requiring data protection in the healthcare industry.
Identify how organizations manage information risk, and what security and privacy governance means for that information. Learners will be introduced to basic risk management methods and lifecycles, and the activities that support these concepts.
Describe risk assessment, and the risk assessment practices and procedures for an organization.
Identify concepts for managing third-party relationships. Learners will gain knowledge regarding concepts pertaining to their use of information, any additional security and privacy assurances, third-party assessments, third-party security and privacy events, and recognize the mitigation process of third-party risks.
- Domain 1. Healthcare Industry
- Domain 2. Information Governance in Healthcare
- Domain 3. Information Technologies in Healthcare
- Domain 4. Regulatory and Standards Environment
- Domain 5. Privacy and Security in Healthcare
- Domain 6. Risk Management and Risk Assessment
- Domain 7. Third-Party Risk Management
The training is ideal for those working in positions such as but not limited to:
- Compliance Officer
- Information Security Manager
- Privacy Officer
- Compliance Auditor
- Risk Analyst
- Medical Records Supervisor
- Information Technology Manager
- Privacy and Security Consultant
- Health Information Manager
- Practice Manager