DUNS #: 07-985-4198 | Cage Code: 7F5V0 | NAICS Codes: 611310, 611420

Certified Healthcare IS Security Practitioner

4 Days

Price: $2495

Course Schedule


The Certified Healthcare Information Systems Security Practitioner covers the skills and knowledge to implement best IT Healthcare Practices, regulatory compliance and standards in the healthcare industry.

Because of growing industry regulations and privacy requirements in the healthcare industry, the Certified Healthcare Information Systems Security Practitioner was developed by mile2. The CHISSP’s have become vital in managing and protecting healthcare data and are tasked to protect patient information by implementing, managing, and assessing proper IT controls for patient health information integrity.


Upon completion, the student will be ready to take the Certified Healthcare Information Systems Security Practitioner by mile2. In addition, at the end of the CHISSP course, the student will be versed with best practices in the healthcare industry and will be able to establish a framework with current best practices in respects to privacy, regulation and risk management.


  • Information System Security Officers
  • Privacy Officers
  • Health IS Managers
  • Risk Managers
  • Information Security Managers
  • Compliance & Privacy Officers


  • A minimum of 1 year of Healthcare Information Systems


Module 1: Intro to the Healthcare Industry 

  • Healthcare Environment
  • Third-Party Relationships
  • Health Data Management Concepts

Module 2: Regulatory Environment 

  • Applicable Regulations
  • International Regulations and Controls
  • Internal Practices Compared to New Policies and Procedures
  • Compliance Frameworks
  • Risk-Based Decisions
  • Code of Conduct/Ethics

Module 3: Healthcare Privacy & Security Policies

  • Security Objectives/Attributes
  • Security Definitions/Concepts
  • Privacy Principles
  • Disparate Nature of Sensitive Data and Handling Implications

Module 4: Information Governance & Risk Management – How organizations manage information risk through security and privacy governance, risk management lifecycles, and principle risk activities

  • Security and Privacy Governance
  • Risk Management Methodology
  • Information Risk Management Life Cycles
  • Risk Management Activities

Module 5: Information Governance & Risk Assessment 

  • Risk Assessment
  • Procedures from within Organization Risk Frameworks
  • Risk Assessment Consistent with Role in Organization
  • Efforts to Remediate Gaps

Module 6: Third-Party Risk Management 

  • Definition of Third-Parties in Healthcare Context
  • Third-Party Management Standards and Practices
  • Third-Party Assessments and Audits
  • Security/Privacy Events
  • Third-Party Connectivity
  • Third-Party Requirements
  • Remediation Efforts