Official (ISC)² CBK Training Seminars for the HCISPP

Provided by

About the course

HCISPP Course Overview

Led by an (ISC)² authorized instructor, this training seminar provides a comprehensive review of healthcare security and privacy concepts and industry best practices, covering the 6 domains of the HCISPP CBK:

  • Healthcare Industry
  • Regulatory Environment
  • Privacy and Security in Healthcare
  • Information Governance and Risk Management
  • Information Risk Assessment
  • Third Party Risk Management

Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. This interactive learning technique is based on sound adult learning theories.

This training course helps candidates review and refresh their healthcare information security and privacy knowledge and help identify areas they need to study for the HCISPP exam and features:

  • Official (ISC)² courseware
  • Taught by an authorized (ISC)² instructor
  • Student handbook in electronic format
  • Interactive Online Flash Cards
  • Collaboration with classmates
  • Real-world learning activities and scenarios
Who should attend?

This training course is intended for practitioners who have at least 2 years of recent full-time professional work experience in 1 or more of the 6 domains of the HCISPP CBK and are pursuing HCISPP training and certification to validate their ability to implement, manage, or assess the appropriate security and privacy controls for a healthcare organization. The training seminar is ideal for those working in positions such as, but not limited to:

  • Compliance officer
  • Information security manager
  • Privacy officer
  • Compliance auditor
  • Risk analyst
  • Medical records supervisor
  • Information technology manager
  • Privacy and security consultant
  • Health information manager
  • Practice manager
Learning Objectives
  • Conceptualize the diversity in the healthcare industry. In order to achieve this, learners will gain knowledge of the diverse types of healthcare organizations, types of technologies, how information and data flows and is managed, how data is exchanged, and the levels of protection required for that data.
  • Identify and describe the relevant legal and regulatory requirements regarding healthcare information. These requirements are necessary in order to ensure that the organizations policies and procedures are in compliance and that all trans-border data exchange procedures are followed.
  • Describe security and privacy concept principals as they relate to the Healthcare industry. Learners will be able to understand the relationship of security and privacy, and how to manage and handle all information requiring data protection in the healthcare industry.
  • Identify how organizations manage information risk, and what security and privacy governance means for that information. The learners will be introduced to basic risk management methods and lifecycles, and the activities that support these concepts.
  • Describe risk assessment, and the risk assessment practices and procedures for an organization.
  • Identify concepts for managing third-party relationships. Learners will gain knowledge regarding concepts pertaining to their use of information, any additional security and privacy assurances, third-party assessments, third-party security and privacy events, and recognize the mitigation process of third-party risks.

Related article

High-Demand Cybersecurity Job Roles and How to Get There Demand for cybersecurity talent continues to surge as organizations struggle to defend the...