C)HISSP: Certified Healthcare IS Security Practitioner
About this Course
The vendor neutral Certified Healthcare Information Systems Security Practitioner certification course covers the skills and knowledge to implement the best IT Healthcare Practices, as well as, regulatory compliance and standards in the healthcare industry. Because of growing industry regulations and privacy requirements in the healthcare industry, the Certified Healthcare Information Systems Security Practitioner was developed by mile2. The CHISSPs have become vital in managing and protecting healthcare data and are tasked to protect patient information by implementing, managing, and assessing proper IT controls for patient health information integrity.
Mile2 Accreditations:
- Accredited by the NSA CNSS 4011-4016
- Is approved and has been placed on Homeland Security’s National Initiative for Cyber Security Careers and Studies (NICCS) training providers and maps to the National Cybersecurity Workforce Framework
- Preferred cyber certification for the FBI
Audience Profile
Information System Security Officers
Privacy Officers
Health IS Managers
Risk Managers
Information Security Managers
Compliance & Privacy Officers
At Course Completion
Upon completion, the student will be ready to take the Certified Healthcare Information Systems Security Practitioner exam by mile2. In addition, at the end of the CHISSP course, the student will be versed with best practices in the healthcare industry and will be able to establish a framework with current best practices in respects to privacy, regulation and risk management.
Outline
Module 1: Intro to the Healthcare Industry
▪ Healthcare Environment
▪ Third-Party Relationships
▪ Health Data Management Concepts
Module 2: Regulatory Environment
Applicable Regulations
▪ International Regulations and Controls
▪ Internal Practices Compared to New Policies and Procedures
▪ Compliance Frameworks
▪ Risk-Based Decisions
Module 3: Healthcare Privacy & Security Policies
▪ Security Objectives/Attributes
▪ Security Definitions/Concepts
▪ Privacy Principles
▪ Disparate Nature of Sensitive Data and Handling Implications
Module 4: Information Governance & Risk Management
– How organizations manage information risk through security and privacy governance, risk management lifecycles, and principle risk activities
▪ Security and Privacy Governance
▪ Risk Management Methodology
▪ Information Risk Management Life Cycles
▪ Risk Management Activities
Module 5: Information Governance & Risk Assessment
▪ Risk Assessment
▪ Procedures from within Organization Risk
▪ Risk Assessment Consistent with Role in Organization
▪ Efforts to Remediate Gaps
Module 6: Third-Party Risk Management
Definition of Third-Parties in Healthcare Context
▪ Third-Party Management Standards and Practices
▪ Third-Party Assessments and Audits
▪ Security/Privacy Events
▪ Third-Party Connectivity
▪ Third-Party Requirements Remediation Efforts
Prerequisites
A minimum of 1 year of Healthcare Information Systems