(ISC)2 HCISPP | HealthCare Information Security and Privacy Practitioner


Duration: 3 days
CPE Credits: 24
Course Number: SEC-318

This official HCISPP training seminar is a three day, 21 CPE course offered to you by Intrinsec Security – an official training partner of (ISC)?.

HCISPP Training Information
Course Overview

Led by an (ISC)? authorized instructor, the following course is an official (ISC)? training seminar for the HealthCare Information Security and Privacy Practitioner (HCISPP) certification, which confirms a practitioner?s core knowledge and experience in security and privacy controls for personal health information.

The training and provided course material for this official (ISC)? training seminar will teach students about protecting organizations and sensitive patient data from emerging threats and breaches. Additionally, this course will also help students successfully prepare for the HCISPP exam as it provides a comprehensive review of healthcare security and privacy concepts and industry best practices, covering the 6 domains of the HCISPP Common Body of Knowledge (CBK).

Aside from a reserved seat in an upcoming HCISPP training seminar, the resources provided to students include (ISC)??s official courseware and ?Study tools? which include the HCISPP flashcards and student handbook. When you combine (ISC)??s instructor-led training with the provided course material, this HCISPP training seminar is a great resource for those interested in passing the HCISPP exam or simply review and refresh their healthcare information security and privacy knowledge.

Your Registration Includes
  • 3 Days of HCISPP Training from an Authorized (ISC)? Instructor
  • Official (ISC)? HCISPP Training Courseware
  • Official (ISC)? HCISPP Student Guide
  • 60 Days of OnDemand Access to the Recordings of your HCISPP Session (Video & Audio)
    • NOTE: for Live Online training events only.

*A HCISPP certification exam voucher is available for an additional fee ($599 USD)

What You Will Learn

This (ISC)? authorized HCISPP training seminar is based on the six HCISPP domains of the (ISC)? Common Body of Knowledge (CBK), ensuring students successfully prepare for the HCISPP exam and enhance their overall competencies in healthcare security and privacy.

  • Domain 1: Healthcare Industry
  • Domain 2: Regulatory Environment
  • Domain 3: Privacy and Security in Healthcare
  • Domain 4: Information Governance and Risk Management
  • Domain 5: Information Risk Assessment
  • Domain 6: Third-Party Risk Management

Domain 1: Healthcare Industry

Healthcare Industry is the first domain reviewed in this official HCISPP training seminar. Students review the types of technologies and flows of information that require various levels of protection, and how healthcare information is exchanged within the industry.

HCISPP Training Objectives

  • Healthcare Environment
  • Third-Part Relationships
  • Health Data Management Concepts

Domain 2: Regulatory Environment

The Regulatory Environment domain focuses on understanding relevant legal and regulatory requirements related to health information, including requirements for trans-border data exchange, and help ensure their organization?s policies and procedures are in compliance.

HCISPP Training Objectives

  • Applicable Regulations
  • International Regulations and Controls
  • Internal Practices Compared to New Policies and Procedures
  • Compliance Frameworks
  • Risk-Based Decisions
  • Code of Conduct/Ethics in a Healthcare Information Environment

Domain 3: Privacy and Security in Healthcare

This domain covers the basic understanding of security and privacy concepts and principles, the relationship of security and privacy, and the types of information requiring protection in the healthcare industry.

HCISPP Training Objectives

  • Security Objectives/Attributes
  • General Security Definitions/Concepts
  • General Privacy Principles
  • The Relationship Between Privacy and Security
  • Disparate Nature of Sensitive Data and Handling Implications
  • Security and Privacy Terminology Specific to Healthcare

Domain 4: Information Governance and Risk Management

The Information Governance and Risk Management domain covers how organizations manage information risk through security and privacy governance, basic risk management methodology and lifecycles, and the principle risk activities they are likely to support.

HCISPP Training Objectives

  • Security and Privacy Governance
  • Risk Management Methodology
  • Information Risk Management Life Cycles
  • Risk Management Activities

Domain 5: Information Risk Assessment

Domain 5 focuses on risk assessment concepts and identifying and participating in risk assessment practices and procedures within an organization.

HCISPP Training Objectives

  • Risk Assessment
  • Procedures from Within Organization Risk Frameworks
  • Risk Assessment Consistent with Role in Organization
  • Efforts to Remediate Gaps

Domain 6: Third-Party Risk Management

The final domain, Third-Party Risk Management, covers third party relationships based on the use of health information, managing third party relationships, and determining when additional security and privacy assurances are required. Additionally, this domain focuses on supporting the assessments of third parties, responding to third party security and privacy events, and participating in the mitigation of third party risks.

HCISPP Training Objectives

  • Definition of Third Parties in Healthcare Context
  • Third-Party Management Standards and Practices
  • Third-Party Assessments and Audits
  • Security/Privacy Events
  • Third-Party Connectivity
  • Third-Party Requirements (Internally and Externally)
  • Remediation Efforts

The intended audience for the HCISPP training program is professionals with practical healthcare experience, as well as a foundation in information security, privacy or risk. Typically speaking, HCISPP is ideal for those working in roles such as, but not limited to:


  • Compliance Officer
  • Information Security Manager
  • Privacy Officer
  • Compliance Auditor
  • Risk Analyst
  • Medical Records Supervisor
  • Information Technology Manager
  • Privacy and Security Consultant
  • Health Information Manager
  • Practice Manager

Any questions?

Read our Frequently Asked Questions page or simply send your questions to us directly via our Contact Us page or our Live Chat.

Official HCISPP Training Provider


Sign up and get exclusive VIP offers, discounts, and early bird registration opportunities for our Cloud Security classes!
  • This field is for validation purposes and should be left unchanged.


No public dates are currently scheduled. Request Group Training!


Request Group Training

  • This field is for validation purposes and should be left unchanged.