Online Training Course
(ISC)² HSISPP
CyberVista’s HCISPP Training Course enables practitioners to participate, learn, and partner with other professionals as they prepare to earn the healthcare-specific HCISPP cybersecurity certification.


Who should earn the HCISPP
The HCISPP or HealthCare Information Security and Privacy Professional certification from (ISC)² reflects that an individual is dedicated to protecting patient health information and has a means of working within the inherently complex regulatory environment of the industry.
The HCISPP is unique among cybersecurity certifications in that it is dedicated to the healthcare industry and it also combines cybersecurity subject matter with additional coverage areas of privacy and compliance. Individuals who earn the HCISPP prove that have the knowledge and ability to implement, manage and assess security and privacy controls to protect healthcare organizations.
Compliance Auditor
Compliance Officer
Information Security Manager
Health Information Manager
Information Technology Manager
Medical Records Supervisor
Privacy Officer
Privacy and Security Consultant
Practice Manager
Risk Analyst
Compliance Officer
Information Security Manager
Health Information Manager
Information Technology Manager
Medical Records Supervisor
Privacy Officer
Privacy and Security Consultant
Practice Manager
Risk Analyst
Course Overview
As (ISC)² Official Training Provider, CyberVista’s HCISPP Training Course enables practitioners to participate, learn, and partner with other professionals as they prepare to earn the HCISPP certification. Our courses train for the most up-to-date version of the HCISPP exam.
We offer HCISPP training as a Video On-Demand HCISPP Course that allows participating practitioners to move at their own pace.
Readiness guarantee – CyberVista offers a course readiness or retake guarantee on all Certify courses. If any individual taking this training course does not pass the exam on the first try or does not feel prepared following the completion of the course can retake the course at no additional charge for up to one full year.

Featured CyberVista Instructor:
Sean Murphy
CyberVista’s online HCISPP course is led by featured CyberVista instructor, Sean Murphy. Sean is a leading health IT expert and author of the original and newly released Official HCISPP All-in-One Exam Guide.

This course includes:
- 75 question diagnostic exam
- 125 question final exam
- 60+ 5-15 minute on-demand training videos
- 300+ practice question bank
- Performance Tracker
- Homework Quizzes
- Summary Notes
- Review Videos
- Healthcare industry expert interviews
- Test Day Strategy
Course Outline
Domain 1: Healthcare Industry
- 1.1 Understand the Healthcare Environment Components
-
- 1.1.1 Healthcare Players
- 1.1.2 Healthcare Processes
- 1.1.3 Healthcare Environment Regulation
- 1.1.4 Healthcare Environment Management
- 1.2 Understand Third-Party Relationships
- 1.2 Third-Party Healthcare Relationships
- 1.3 Understand Foundational Health Data Management Concepts
- 1.3.1 Health Data Flow and Characterization
- 1.3.2 Data Interoperability and Exchange
- 1.3.3 Legal Medical Records
Domain 2: Information Governance in Healthcare
- 2.1 Understand Information Governance Frameworks
- 2.1.1 Security Governance
- 2.1.2 Privacy Governance
- 2.2 Identify Information Governance Roles and Responsibilities
- 2.2 Information Governance Roles and Responsibilities
- 2.3 Align Information Security and Privacy Policies, Standards and Procedures
- 2.3 Information Security Alignment
- 2.4 Understand and Comply with Code of Conduct/Ethics in a Healthcare Information Environment
- 2.4.1 Healthcare Code of Ethics/Conduct
- 2.4.2 (ISC)² Code of Ethics
- 2.1 Understand Information Governance Frameworks
Domain 3: Information Technologies in Healthcare
- 3.1 Understand the Impact of Healthcare Information Technologies on Privacy and Security
- 3.1.1 Threat Landscape
- 3.1.2 Oversight, Regulatory, and Communication Challenges
- 3.2 Understand Data Life Cycle Management
- 3.2.1 Data Life Cycle Management
- 3.3 Understand Third-Party Connectivity
- 3.3.1 Trust Models for Third-Party Interconnections
- 3.3.2 Technical Standards for Third-Party Interconnection
- 3.3.3 Connection Agreements for Third-Parties
- 3.1 Understand the Impact of Healthcare Information Technologies on Privacy and Security
Domain 4: Regulatory and Standards Environment
- 4.1 Identify Regulatory Requirements
- 4.1.1 Jurisdictional Issues and Data Breach Regulations Related to Healthcare Resources
- 4.1.2 Protected Personal and Health Information
- 4.1.3 Data Subjects and Research
- 4.2 Recognize Regulations and Controls of Various Countries
- 4.2.1 Health Insurance Portability and Accountability Act (HIPAA)
- 4.2.2 Health Information Technology for Economic and Clinical Health (HITECH)
- 4.2.3 General Data Protection Regulation (GDPR), Data Protection Directive (DPD)
- 4.2.4 Personal Information Protection and Electronic Documents Act (PIPEDA)
- 4.2.5 California Consumer Privacy Act (CCPA)
- 4.2.6 International Treaties
- 4.3 Understand Compliance Frameworks
- 4.3.1 Privacy Frameworks
- 4.3.2 Security Frameworks
- 4.1 Identify Regulatory Requirements
Domain 5: Privacy and Security in Healthcare
- 5.1 Understand Security Objectives/Attributes
- 5.1.1 CIA Triad
- 5.2 Understand General Security Definitions and Concepts
- 5.2.1 Personnel Security Controls
- 5.2.2 Business Continuity and Disaster Recovery
- 5.2.3 Identity and Access Management
- 5.2.4 Logging, Monitoring, and Auditing
- 5.2.5 Data Encryption
- 5.3 Understand General Privacy Definitions and Concepts
- 5.3.1 Privacy Concepts
- 5.3.2 Events, Incidents and Breaches
- 5.3.3 Data Collection Communication
- 5.4 Understand the Relationship Between Privacy and Security
- 5.4.1 Relationship Between Privacy and Security
- 5.5 Understand Sensitive Data and Handling
- 5.5.1 Sensitive Data Categorization
- 5.5.2 Data Sensitivity Mitigation
- 5.1 Understand Security Objectives/Attributes
Domain 6: Risk Management and Risk Assessment
- 6.1 Understand Enterprise Risk Management
- 6.1.1 Enterprise Risk Management
- 6.2 Understand Information Risk Management Framework (RMF)
- 6.2.1 Information Risk Management Framework (RMF)
- 6.3 Understand Risk Management Process
- 6.3.1 Risk Management Process
- 6.3.2 Risk Management Life Cycle and Continuous Monitoring
- 6.3.3 Tools/Resources/Techniques
- 6.3.4 Internal and External Audit/Assessments
- 6.4 Identify Control Assessment Procedures Utilizing Organization Risk Frameworks
- 6.4.1 Control Assessment Procedures Utilizing Organization Risk Frameworks
- 6.5 Participate in Risk Assessment Consistent with the Role in Organization
- 6.5.1Risk Assessment Set Up
- 6.5.2Risk Assessment Follow Up
- 6.6 Understand Risk Response
- 6.6.1 Risk Response
- 6.7 Utilize Controls to Remediate Risk
- 6.7.1 Controls to Remediate Risk
- 6.8 Participate in Continuous Monitoring
- 6.8.1 Continuous Monitoring Roles
- 6.1 Understand Enterprise Risk Management
Domain 7: Third-Party Risk Management
- 7.1 Understand the Definition of Third-Parties in Healthcare Context
- 7.1.1 Third-Parties in the Healthcare Environment
- 7.2 Maintain a List of Third-Party Organizations
- 7.2.1 Third-Party Organizations Documentation
- 7.3 Apply Management Standards and Practices for Engaging Third-Parties
- 7.3.1 Engaging Third-Parties
- 7.4 Determine When a Third-Party Assessment Is Required
- 7.4.1 Third-Party Assessment Triggers
- 7.5 Support Third-Party Assessments and Audits
- 7.5.1 Third-Party Assessments and Audits
- 7.6 Participate in Third-Party Remediation Efforts
- 7.6.1 Third-Party Remediation Efforts
- 7.7 Respond to Notifications of Security/Privacy Events
- 7.7.1 Security/Privacy Events Notification and Response
- 7.8 Respond to Third-Party Requests Regarding Privacy/Security Events
- 7.8.1 Third-Party Requests Regarding Privacy/Security Events
- 7.9 Promote Awareness of Third-Party Requirements
- 7.9.1 Third-Party Requirements Awareness
- 7.1 Understand the Definition of Third-Parties in Healthcare Context
"I would not have passed the CISSP exam without Cybervista! The instructors were knowledgeable and helpful in grasping the material... The weekly online lessons were extremely helpful in breaking down each of the domains covered on the exam. If you follow the study plan provided and put in the time required to understand the major concepts outlined by CyberVista, you’ll pass!"
"When I was training I found myself using CyberVista’s quiz bank a lot, plus they tested me in other ways such as the initial diagnostic exam, the midterm, and the final exam. Getting used to the wording and doing all those practice questions helped me prepare. There was also a system at CyberVista for figuring out my strengths and weaknesses – it honed in on the areas I needed to study more."
"Before CyberVista I was given an opportunity to attend a one-week boot camp. Since my employer was paying for it, I did not hesitate to take advantage of the offer. After that one-week boot camp, I came out of there with more questions than I had going in. I did not feel prepared and the training just simply wasn’t enough. CyberVista’s curriculum is an integration of live online lectures, on-demand videos, and an array of self-study tools–it was just what I needed."
"I can’t afford, time-wise, to sit in a classroom for a whole week. Being able to watch the class, and participate, while trying to put my daughter to sleep, was a big boon. Also, the class was organized really well. The multiple online quizzes that we were able to take, and then learn what areas we needed to study more, was really helpful. Also, the light board technology was great. I found it captivating, and it was actually the reason why I signed up in the first place."
"This was my first time studying for a certification through live online training. There were definitely benefits to taking a live online class. For example, you can take your classes from anywhere with an internet connection. I’m happy the training was spread out leveraging multiple learning tools. It was the balance of all of those different aspects that helped to reinforce concepts and instill a strong comprehension of the CISSP."
"I started with a free self-study course and quickly found the accountability was missing. CyberVista’s live interactive course using the light board was a first for me and a great experience overall. It kept me accountable and engaged. The real-life experience of the instructors was evident and their ability to articulate concepts was great. The value of interacting with other students in this live environment was also a significant benefit. It’s not easy getting folks to participate, but CyberVista made it happen."
"After taking the course back in December, this course gave me the discipline to easily digest all the materials that helped me pass the CISSP. The exam was extremely difficult however, I felt more prepared as this course gives you a strong foundation to tackle most of the concepts. I would strongly recommend taking this course for preparation and success for the CISSP!"
"CyberVista stood by me from beginning to end and made time to provide additional test day strategies that helped me successfully pass the CISSP exam. This is a much better alternative to typical boot camps that try to condense too much material in a short period. I plan to recommend CV to colleagues seeking to obtain the CISSP and other industry certifications."