HCISPP Study Guide
1st Edition - December 10, 2014
Authors: Timothy Virtue, Justin Rainey
Language: English
Paperback ISBN: 9780128020432
eBook ISBN: 9780128020890
The HCISPP certification is a globally-recognized, vendor-neutral exam for healthcare information security and privacy professionals, created and administered by ISC². The new HCISPP certification, focused on health care information security and privacy, is similar to the CISSP, but has only six domains and is narrowly targeted to the special demands of health care information security.
Tim Virtue and Justin Rainey have created the HCISPP Study Guide to walk you through all the material covered in the exam's Common Body of Knowledge. The six domains are covered completely and as concisely as possible with an eye to acing the exam. Each of the six domains has its own chapter that includes material to aid the test-taker in passing the exam, as well as a chapter devoted entirely to test-taking skills, sample exam questions, and everything you need to schedule a test and get certified. Put yourself on the forefront of health care information privacy and security with the HCISPP Study Guide and this valuable certification.
Provides the most complete and effective study guide to prepare you for passing the HCISPP exam - contains only what you need to pass the test, and no fluff!
Completely aligned with the six Common Body of Knowledge domains on the exam, walking you step by step through understanding each domain and successfully answering the exam questions.
Optimize your study guide with this straightforward approach - understand the key objectives and the way test questions are structured.
IT security professionals, consultants, and administrators; network administrators and IT managers; security managers and analysts; Directors of Security; healthcare administrators and IT managers; privacy managers; anyone taking the HCISPP exam
Dedication
Author Bio
Technical Editor Bio
Preface
Acknowledgments
Chapter 1: Introduction
Abstract
Background
Chapter 2: Healthcare Industry
Abstract
Healthcare systems
Healthcare organizations
Healthcare provider
Organized physician services
The National Provider Identifier (NPI)
Pharmaceutical industry
Payers
Electronic Data Interchange (EDI)
Value-Added Networks (VANs)
Health insurance exchanges
Business associates
Health Information Technology (HIT)
Medical devices
Meaningful use regulations
Electronic health record
Personal health record
Health insurance
Payment models
Healthcare coding
Systematized Nomenclature of Medicine (SNOMED) – Clinical Terms (CT)
Medical billing
HIPAA transaction and code sets
National Uniform Billing Committee (NUBC)
Healthcare clearinghouse
Workflow management
Regulatory environment
Public health reporting
Clinical research
Authorization and informed consent
Institutional review boards
Healthcare records management
Data sharing
Understanding external third-party relationships
Information flow and life cycle in the healthcare environments
Health data characterization
Healthcare Provider Taxonomy Codes
Data analytics
Data interoperability and exchange
Integrating the Healthcare Enterprise
Health Level Seven International
Digital Imaging and Communications in Medicine (DICOM)
Legal medical records
Definitions
Practice Exam
Chapter 3: Regulatory Environment
Abstract
Legal issues that pertain to information security and privacy for healthcare organizations
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Select elements and definitions
The American Recovery and Reinvestment Act (ARRA) of 2009
International standards
A culture of privacy and security
Organizational-level privacy and security requirements
Data breach regulations
Penalties and fees
45 CFR 164.514: HIPAA Privacy Rule (the de-identification standard and its two implementation specifications)
Information flow mapping
Monitoring PHI information flows
Jurisdictional implications
Data Use and Reciprocal Support Agreement (DURSA)
Data subjects
Data ownership
Legislative and regulatory updates
Treaties
Industry-specific laws
Policies, procedures, standards, and guidelines
Common security and privacy compliance frameworks
ISO
National Institute of Standards and Technology (NIST)
NIST Interagency Reports (IRs)
Common Criteria
Common criteria–certified product categories
The Information Governance (IG) Toolkit
Generally Accepted Privacy Principles (GAPP)
Health Information Trust Alliance (HITRUST)
SANS critical security controls
Risk-based decision making
Compensating controls
Control variance documentation
Residual risk tolerance
Organizational code of ethics
(ISC)² code of ethics
Sanctions
Definitions
Practice Exam
Chapter 4: Privacy and Security in Healthcare
Abstract
Introduction
Security principles
General privacy principles
Relationship between privacy and security
The disparate nature of sensitive data and handling implications
Key terms
Practice Exam
Chapter 5: Information Governance and Risk Management
Abstract
Introduction
Understanding security and privacy governance
Understanding risk management methodology
Information risk management life cycle and activities
Key terms
Practice Exam
Chapter 6: Information Risk Assessment
Abstract
Introduction
Understanding risk assessment
Assessment procedures
Risk assessment process
Risk response and remediation
Key terms
Practice Exam
Chapter 7: Third-Party Risk Management
Abstract
Introduction
Definition of third parties
Inventory
Management standards and practices
Risk assessment
Assessment and audit support
Incident notification and response
Establishing connectivity
Promoting awareness of requirements
Risk remediation
Key terms
Practice Exam
Index
No. of pages: 210
Language: English
Edition: 1
Published: December 10, 2014
Imprint: Syngress
Paperback ISBN: 9780128020432
eBook ISBN: 9780128020890
Timothy Virtue
Tim Virtue (HCISPP, CISSP, CIPP/G, CISA, CCSK, CFE, CSM) is a global information security, privacy and risk management executive. Tim has extensive experience with publicly traded global corporations, privately held businesses, government agencies, and non-profit organizations of all types and sizes. Tim holds an Executive Master of Science in Information Systems Technology degree from George Washington University and a Bachelor of Science in Criminal Justice degree with a concentration in Security Management from Northeastern University.
He currently serves as the Chief Information Security Officer (CISO) for Texas.gov.
Affiliations and expertise
Chief Information Security Officer (CISO) at Texas.gov.
Justin Rainey
Justin C. Rainey (CISSP, CIPP/US) is a global information security, privacy and technology risk management leader whose entire professional career has focused on the protection of non-public information. Justin began his career in 1998 providing security and technical support for an independent school district and over the past 16 years gained security and privacy experience in various areas including healthcare, research, education, telecommunications, retail, banking, insurance, and investment management. He currently serves as Information Security Manager for a global Investment Management firm and is pursuing a Bachelor of Science degree in Political Science at the University of Houston. Justin resides in Houston, Texas with his wife Jill and their two dogs Austin and Mariette.
Affiliations and expertise
(CISSP, ISC2, CIPP/US, IAPP), Advisory Board Member at SecureWorld Expo