(ISC)2 launches security credential for healthcare

Information security body (ISC)2 has launched a certification for security practitioners in the healthcare industry

Information security body (ISC)2 has launched a certification for security practitioners in the healthcare industry.

The HealthCare Information Security and Privacy Practitioner (HCISPP) is the first foundational global standard for assessing information security and privacy expertise in the healthcare industry.

For the UK, the HCISSP reflects and builds on the principles outlined in the NHS Information Governance toolkit as a result of the contributions of (ISC)2 members who work in the NHS.

“In the NHS, information governance is the responsibility of every employee,” said Tim Wilson, an NHS IT director

“The HCISPP encourages the appreciation of information governance as the healthcare sector across Europe strives towards a digital environment,” he said.

In the UK alone, said Wilson, the current drive towards electronic patient records and eventually a paperless NHS makes it critical for professionals to have the skills and knowledge to grasp the intricacies and best practices of ensuring the security and privacy of healthcare patients.

Experts from the (ISC)² membership and industry leaders from organisations in Hong Kong, Europe and the US have contributed to the knowledge foundation of the new credential.

The need for this certification has been driven by the healthcare industry’s move from paper-based processes to a connected electronic environment.

Security breaches related to the loss of patients' records highlight the need for new skills in the complex area of patient records security, which encompasses IT, security and regulatory compliance.

To attain the HCISPP, applicants must have a minimum of two years of experience in one knowledge area of the credential that includes security, compliance and privacy.

One of the two years of experience must be in the healthcare industry and all candidates must demonstrate competencies in six areas, including privacy and security in healthcare, information governance and risk management.

“The HCISPP credential was developed based on direct feedback from our membership and industry luminaries from around the world, working in healthcare who have observed the evolving complexity of information risk management in the industry as online system migration and regulations increase,” said Hord Tipton, executive director of (ISC)².

HCISPP helps security practitioners to:

  • Validate their experience, skills, and competency as a healthcare security and privacy practitioner;
  • Demonstrate the qualifications to implement, manage, and/or assess the appropriate security and privacy controls for healthcare organisations;
  • Advance their career with a certification that establishes foundational knowledge and competency in health information security and privacy best practices;
  • Enhance their credibility as a healthcare information security and privacy practitioner.

For organisations, HCISPP offers to:

Read more on Privacy and data protection