TOPICS

Course Outline
1. Domain 1: Healthcare Industry
Understand the healthcare environment
Understand third-party relationships
Understand foundational health data management concepts
2. Domain 2: Regulatory Environment
Identify applicable regulations
Understand international regulations and controls
Compare internal practices against new policies and procedures
Understand compliance frameworks
Understand responses for risk-based decision
Understand and comply with code of conduct/ethics in healthcare information
3. Domain 3: Privacy and Security in HealthCare
Understand security objectives/attributes
Understand general security definitions/concepts
Understand general privacy principles
Understand the relationship between privacy and security
Understand the disparate nature of sensitive data handling implications
4. Domain 4: Information Governance and Risk Management
Understand security and privacy governance
Understand basic risk management methodology
Understand information risk management life cycles
Participate in risk management activities
5. Domain 5: Information Risk Assessment
Understand risk assessment
Identify control assessment procedures from within organizational risk frameworks
Participate in risk assessment consistent with role in organization
Participate in efforts to remediate gaps
6. Domain 6: Third-party Risk Management
Understand the definition of third parties in healthcare context
Maintain a list of third-party organizations
Determine when third-party assessment is required
Support third-party assessments and audits
Respond to notifications of security/privacy events
Support establishment of third-party connectivity
Promote awareness of the third-party requirements (internally and externally)
Participate in remediation efforts
Respond to third-party requests regarding privacy/security event.