Course Description
This class is based on the six HCISPP domains of the (ISC)² Common Body of Knowledge (CBK), ensuring students successfully prepare for the HCISPP exam and enhance their overall competencies in healthcare security and privacy.
Course Objectives
This class is based on the six HCISPP domains of the (ISC)² Common Body of Knowledge (CBK), ensuring students successfully prepare for the HCISPP exam and enhance their overall competencies in healthcare security and privacy.
Course Outline
1 - HEALTHCARE INDUSTRY
- Healthcare Environment
- Third-Part Relationships
- Health Data Management Concepts
2 - REGULATORY ENVIRONMENT
- Applicable Regulations
- International Regulations and Controls
- Internal Practices Compared to New Policies and Procedures
- Compliance Frameworks
- Risk-Based Decisions
- Code of Conduct/Ethics in a Healthcare Information Environment
3 - PRIVACY AND SECURITY IN HEALTHCARE
- Security Objectives/Attributes
- General Security Definitions/Concepts
- General Privacy Principles
- The Relationship Between Privacy and Security
- Disparate Nature of Sensitive Data and Handling Implications
- Security and Privacy Terminology Specific to Healthcare
4 - INFORMATION GOVERNANCE AND RISK MANAGEMENT
- Security and Privacy Governance
- Risk Management Methodology
- Information Risk Management Life Cycles
- Risk Management Activities
5 - INFORMATION RISK ASSESSMENT
- Risk Assessment
- Procedures from Within Organization Risk Frameworks
- Risk Assessment Consistent with Role in Organization
- Efforts to Remediate Gaps
6 - THIRD-PARTY RISK MANAGEMENT
- Definition of Third Parties in Healthcare Context
- Third-Party Management Standards and Practices
- Third-Party Assessments and Audits
- Security/Privacy Events
- Third-Party Connectivity
- Third-Party Requirements (Internally and Externally)
- Remediation Efforts
There are no prerequisites for this course.
Course Information
Length: 3 day
Format: Lecture and Lab
Delivery Method: n/a
Max. Capacity: 16
Schedule
Contact Us
Do you have more questions? We're delighted to assist you!
Who Should Attend
The intended audience for the HCISPP training program is professionals with practical healthcare experience, as well as a foundation in information security, privacy or risk. Typically speaking, HCISPP is ideal for those working in roles such as, but not limited to: Compliance officer Information security manager Privacy officer Compliance auditor Risk analyst Medical records supervisor Information technology manager Privacy and security consultant Health information manager Practice manager
