Healthcare Information Security and Privacy Practitioner (HCISPP) Training

Level: Intermediate
Course #: 2066


In this HCISPP training course, you gain the foundational knowledge to fully prepare for the (ISC)²® Healthcare Information Security and Privacy Practitioner (HCISPP®) exam, including a comprehensive understanding of the 6 domains of the HCISPP CBK. With (ISC)²’s global healthcare information security certification, security professionals will be in a position to implement, manage and assess the proper security and privacy controls needed to protect healthcare organizations, including protecting patient healthcare information.

This healthcare security certification course tuition includes the current Official (ISC)² Guide to the HCISPP CBK, and a voucher that allows you to take the exam at any Pearson VUE Test Center.

Key Features of this Healthcare Information Security (HCISPP) Certification Training:

Official (ISC)² course materials with a preferred (ISC)² training partner

Earn HCISPP certification — exam voucher included with course tuition

Official (ISC)² Guide to the HCISPP® CBK® included with tuition

After-course instructor coaching benefit included

You Will Learn How To:

Strategically focus your preparation for HCISPP Certification

Gain knowledge of the healthcare industry, including third-party relationships and health data management concepts

Identify applicable regulations, compliance frameworks, privacy principles and policies to protect information security

Develop risk management methodology and identify control assessment procedures

Goals Live, Instructor-Led – Live, Online Training

Exam voucher included

HCISPP Instructor-Led Course Information

HCISPP Instructor-Led Course Description

Learning Tree’s HCISPP training course includes 17 hours of Instructor-Led Training (ILT) or Virtual Instructor-Led Training (VILT) presented by a real-world HCISPP expert. You will acquire the skills and knowledge needed to pass the HCISPP certification.


HCISPP candidates must meet specific requirements, as established by (ISC)².
Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification.

Exam Information

This course includes a voucher for the (ISC)² HCISPP® CBK® exam.

HCISPPs are required by (ISC)² to earn 120 Continuing Professional Education (CPE) credits every three years.

HCISPP Instructor-Led Course Outline

Healthcare Industry

Understanding the healthcare environment

Navigating the types of organizations in the healthcare sector

Exploring health insurance, workflow management, and healthcare records management

Defining third-party relationships and foundational health data concepts

Regulatory Environment

Identifying applicable domestic and international regulations

Exploring legal issues pertaining to information security and privacy

Mapping information flow

Identifying data subjects, owners, controllers and processors

Apply compliance frameworks

Exploring NIST, ISO and IG Toolkit

Ensuring compliance with Generally Accepted Privacy Principles (GAPP)

Understanding responses for risk-based decisions

Defining compensating controls

Generating control variance documentation

Determining residual risk tolerance

Privacy and Security in Healthcare

Defining security objectives and attributes

Maintaining confidentiality of healthcare information

Protecting the integrity of information

Ensuring availability of information as needed

Applying general privacy principles

Implementing access control and data encryption

Maintaining accuracy, completeness and quality

Applying OECD, Privacy Principles, GAPP, PIPEDA and UK Data Protection Act

Understanding the disparate nature of sensitive data and handling implications

Personal and health information protected by law

Mitigating sensitivity, de-identification and anonymization

Information Governance and Risk Management

Defining security and privacy governance

Exploring information governance

Reviewing different governance structures

Risk management

Establishing risk management methodologies

Exploring risk management life cycles including NIST, CMS, ISO

Participating in risk management activities

Information Risk Assessment

Understanding risk assessment

Lifecycle / continuous monitoring

Establishing desired outcomes

Determining the role of internal and external audit/assessment

Participating in risk assessment consistent with job role

Determining timelines for risk assessment

Performing gap analysis

Establishing corrective action plans

Third Party Risk Assessment

Applying third-party standards and practices

Managing relationships

Comprehending compliance requirements

Triggering third-party assessments

Responding to Notification of Security/Privacy Events

Establishing internal processes for incident response

Breach recognition, notification and initial response
