ISC2 - Healthcare Information Security & Privacy Practitioner

Get the knowledge you need to maintain the security of sensitive healthcare information. The ISC2 HCISPP (HealthCare Information Security and Privacy Practitioner) course develops your knowledge, experience and competency in health information security and privacy best practices.

Protect vital healthcare information

There’s a growing need to ensure security for the rapidly evolving healthcare industry. Prove you have the skills needed to protect the increasing volumes of electronic health records. On this HCISPP course you’ll gain an understanding of the six ISC2 HCISPP CBK® domains, which cover:

• Healthcare Industry
• Privacy and Security in Healthcare
• Regulatory Environment
• Information Governance and Risk Management
• Information Risk Assessment
• Third Party Risk Management

Domain 1: Healthcare Industry

• The Healthcare environment
• Third-party relationships
• Foundational health data management concepts

Domain 2: Regulatory Environment

• Identify applicable regulations
• International regulations and controls
• Compare internal practices against new policies and procedures
• Compliance frameworks
• Responses for risk-based decision
• How to comply with Code of Conduct/Ethics in HealthCare information

Domain 3: Privacy and Security in HealthCare

• Security objectives/attributes
• General security definitions/concepts
• General privacy principles
• Relationships between privacy and security
• The disparate nature of sensitive data handling implications

Domain 4: Information Governance and Risk Management

• Security and privacy governance
• Basic risk management methodology
• Information risk management life cycles
• Participate in risk management activities

Domain 5: Information Risk Assessment

• Risk assessment
• Identify control assessment procedures from within organizational risk frameworks
• Participate in risk assessment consistent with role in organization
• Participate in efforts to remediate gaps

Domain 6: Third-party Risk Management

• Define third parties in Healthcare context
• Maintain a list of third-party organizations
• Determine when third-party assessment is required
• Support third-party assessments and audits
• Respond to notifications of security/privacy events
• Support establishment of third-party connectivity
• Promote awareness of the third-party requirements (internally and externally)
• Respond to third-party requests regarding privacy/security event

On this accelerated course, you'll prepare for and sit your HCISPP exam at the Firebrand Training Centre, covered by your Certification Guarantee.

ISC2 Healthcare Information Security & Privacy Practitioner: HCISPP exam

• Length of exam: up to 3 hours
• Number of questions: 125 questions
• Format: Multiple Choice
• Passing grade: 700 out of 1000 points
• Languages: English

You'll be assessed on the 6 HCISPP domains:

1. Healthcare Industry
2. Regulatory Environment
3. Privacy and Security in Healthcare
4. Information Governance and Risk Management
5. Information Risk Assessment
6. Third-Party Risk Management

• Official ISC2 HCISPP course materials.
• Official ISC2 HCISPP exam.

CPE credits can be earned by attending this 3-day HCISPP course. ISC2 recognises a maximum of 24 CPEs for an existing ISC2 certification holder.

You must have a minimum of two years cumulative experience covering any or all 3 of the following three domains:

• Domain 1: Healthcare Industry
• Domain 2: Regulatory Environment in Healthcare
• Domain 3: Privacy and Security in Healthcare

Don't have the necessary experience?

If you don't yet have the necessary experience, you can still take this course but won't achieve the HCISPP certification. Instead, ISC2 will grant you “Associate of ISC2” status after you pass your HCISPP examination.

As an ISC2 Associate you'll get access to unique career development and networking resources from ISC2. And once you do achieve the necessary experience, you'll receive your HCISPP certification.