ISC2 HealthCare Information Security and Privacy Practitioner® (HCISPP®)

Get the knowledge you need to maintain the security of sensitive healthcare information with the ISC2 HealthCare Information Security and Privacy Practitioner (HCISPP®) course.

Protect vital healthcare information with HCISPP®

There's a growing need to ensure security for the rapidly evolving healthcare industry. Prove you have the skills needed to protect the increasing volumes of electronic health records.

On this HCISPP training, you'll gain an understanding of the six ISC2 HCISPP CBK® domains, which cover:

• Healthcare Industry
• Privacy and Security in Healthcare
• Regulatory Environment
• Information Governance and Risk Management
• Information Risk Assessment
• Third-Party Risk Management

At Firebrand, we are proud to be an Official Training Premier Partner of ISC2 in recognition of our commitment to delivering world-class training, certification, and professional development opportunities for Cybersecurity professionals.

Domain 1: Healthcare Industry

• The Healthcare environment
• Third-party relationships
• Foundational health data management concepts

Domain 2: Regulatory Environment

• Identify applicable regulations
• International regulations and controls
• Compare internal practices against new policies and procedures
• Compliance frameworks
• Responses for risk-based decision
• How to comply with the Code of Conduct/Ethics in HealthCare information

Domain 3: Privacy and Security in HealthCare

• Security objectives/attributes
• General security definitions/concepts
• General privacy principles
• Relationships between privacy and security
• The disparate nature of sensitive data handling implications

Domain 4: Information Governance and Risk Management

• Security and privacy governance
• Basic risk management methodology
• Information risk management life cycles
• Participate in risk management activities

Domain 5: Information Risk Assessment

• Risk assessment
• Identify control assessment procedures from within organizational risk frameworks
• Participate in risk assessment consistent with role in an organization
• Participate in efforts to remediate gaps

Domain 6: Third-party Risk Management

• Define third parties in the healthcare context
• Maintain a list of third-party organizations
• Determine when third-party assessment is required
• Support third-party assessments and audits
• Respond to notifications of security/privacy events
• Support the establishment of third-party connectivity
• Promote awareness of the third-party requirements (internally and externally)
• Respond to third-party requests regarding privacy/security event

You must have a minimum of two years cumulative experience covering any or all 3 of the following three domains:

• Domain 1: Healthcare Industry
• Domain 2: Regulatory Environment in Healthcare
• Domain 3: Privacy and Security in Healthcare

If you don't yet have the necessary experience, you can still take this course but won't achieve the HCISPP® certification. Instead, ISC2 will grant you Associate of ISC2 status after you pass your HCISPP examination, which gives you access to unique career development and networking resources. And once you do achieve the necessary experience, you'll receive your HCISPP® certification.

On this accelerated course, you'll prepare for and sit your HCISPP® certification exam at the Firebrand Training Centre, covered by your Certification Guarantee:

ISC2 Healthcare Information Security & Privacy Practitioner HCISPP® exam

• Length of exam: Up to 3 hours
• Number of questions: 125 questions
• Format: Multiple Choice
• Passing grade: 700 out of 1000 points
• Languages: English

You'll be assessed on the 6 HCISPP® domains:

1. Healthcare Industry
2. Regulatory Environment
3. Privacy and Security in Healthcare
4. Information Governance and Risk Management
5. Information Risk Assessment
6. Third-Party Risk Management