The healthcare industry is facing pressure from consumers and regulators to provide services at affordable rates while also protecting the information of their patients. The adoption of the latest technologies is designed to improve overall operations across the board, and introduce levels of efficiency that hasn't existed in healthcare.
(ISC)² (ISC-squared), the world’s largest not-for-profit information security professional body and administrators of the Certified Information Systems Security Professional (CISSP), has launched the HealthCare Information Security and Privacy Practitioner (HCISPPSM) certification, to provide the healthcare industry with the first foundational global standard for evaluating information security and privacy expertise.
This certification will provide a platform for validating healthcare security and privacy practitioners have the expertise and core level knowledge that the industry requires in addressing issues related to security.
In order to develop the Common Body of Knowledge (CBK) for the foundation of the credential for the HCISPP, (ISC)² headed a job task analysis study to determine the scope and content of the credential program. Industry experts from Europe, Hong Kong, and the United States were involved in exam development workshops to contribute in the development.
The HCISPP certification is designed to provide an additional layer of protection to protect the privacy and security of sensitive patient information while acknowledging the level of knowledge in the healthcare privacy profession. This will demonstrate organizations are implementing the appropriate security and privacy controls with a globally recognized gold standard in information security certification.
This certification is given to applicants who have a minimum of two years of experience in security, compliance, and privacy. Legal experience may be substituted for compliance and information management experience may be substituted for privacy, with at least one of the two years being in the healthcare industry.
Candidates have to demonstrate competencies in six common bodies of knowledge fields:
- Healthcare Industry
- Regulatory Environment
- Privacy and Security in Healthcare
- Information Governance and Risk Management
- Information Risk Assessment
- Third Party Risk Management
Taking a proactive stance and introducing policies to improve the industry without legislative regulations goes a long way to make patients more comfortable. By ensuring the experience, skill, and competency of healthcare security and privacy practitioners is properly certified is a step in the right direction
"Over the past few years, the healthcare industry has undergone a major transformation to adjust its compliance management practices and data protection requirements – moving from highly paper-based processes to a digital and more connected working environment. (ISC)2 has introduced this new healthcare credential to help employers bring more qualified and skilled professionals into this industry who can help protect vital patient records and personal data," said W. Hord Tipton, CISSP, executive director of (ISC)².
Edited by
Stefania Viscusi
