HealthCare Information Security and Privacy Practitioner – HCISPP
On Demand $2,495.00
Earning the HCISPP healthcare cybersecurity certification is a proven way to build your career and show employers you’re at the forefront of protecting patient health information and navigating a complex regulatory environment.
The HCISPP is the only certification that combines cybersecurity skills with privacy best practices and techniques. It demonstrates you have the knowledge and ability to implement, manage, and assess security and privacy controls to protect healthcare organizations using policies and procedures established by the cybersecurity experts at (ISC)².
Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey.
After completing this course, the student will be able to:
- Conceptualize the diversity in the healthcare industry. To achieve this, learners will gain knowledge of the diverse types of healthcare organizations, types of technologies, how information and data flow and are managed, how data is exchanged, and the levels of protection required for that data.
- Identify and describe the relevant legal and regulatory requirements regarding healthcare information. These requirements are necessary to ensure that the organization’s policies and procedures are in compliance and that all trans-border data exchange procedures are followed.
- Describe security and privacy concept principles as they relate to the healthcare industry. Learners will be able to understand the relationship between security and privacy, and how to manage and handle all information requiring data protection in the healthcare industry.
- Identify how organizations manage information risk, and what security and privacy governance mean for that information. Learners will be introduced to basic risk management methods and lifecycles, and the activities that support these concepts.
- Describe risk assessment, and the risk assessment practices and procedures for an organization.
- Identify concepts for managing third-party relationships. Learners will gain knowledge regarding concepts pertaining to their use of information, any additional security and privacy assurances, third-party assessments, and third-party security and privacy events, and will recognize the mitigation process of third-party risks.
Not everyone is eligible for every exam, so it is important to know the eligibility requirements beforehand. For your convenience, we have provided all the relevant details below:
Firstly, the candidate must have a minimum of two years of work experience in the knowledge areas of the HCISPP.
Secondly, a candidate who doesn’t have the required experience may become an Associate of (ISC)² by passing the HCISPP examination. After that, the Associate of (ISC)² will have three years to earn the required two years of experience.
- Lectures: 35
- Quizzes: 0
- Duration: 40 hours
- Skill level: Advanced Level
- Language: English
- Students: 364
- Certificate: No
- Assessments: Yes
Domain 1. Healthcare Industry
Domain 2. Information Governance in Healthcare
Domain 3. Information Technologies in Healthcare
Domain 4. Regulatory and Standards Environment
Domain 5. Privacy and Security in Healthcare
Domain 6. Risk Management and Risk Assessment
- 6.1 Understand Enterprise Risk Management
- 6.2 Understand Information Risk Management Framework (RMF) (e.g., International Organization for Standardization (ISO), National Institute of Standards and Technology (NIST))
- 6.3 Understand Risk Management Process
- 6.4 Identify Control Assessment Procedures Utilizing Organization Risk Frameworks
- 6.5 Participate in Risk Assessment Consistent with the Role in Organization
- 6.6 Understand Risk Response (e.g., corrective action plan)
- 6.7 Utilize Controls to Remediate Risk (e.g., preventative, detective, corrective)
- 6.8 Participate in Continuous Monitoring
Domain 7. Third-Party Risk Management
- 7.1 Understand the Definition of Third-Parties in Healthcare Context
- 7.2 Maintain a List of Third-Party Organizations
- 7.3 Apply Management Standards and Practices for Engaging Third-Parties
- 7.4 Determine When a Third-Party Assessment Is Required
- 7.5 Support Third-Party Assessments and Audits
- 7.6 Participate in Third-Party Remediation Efforts
- 7.7 Respond to Notifications of Security/Privacy Events
- 7.8 Respond to Third-Party Requests Regarding Privacy/Security Events
- 7.9 Promote Awareness of Third-Party Requirements