HealthInfoSec Credential in Development

Training, Testing Could be Available Next Year
HealthInfoSec Credential in Development

Next year, healthcare information security professionals - and those who want to enter the field - may have the opportunity to earn a new credential to verify their expertise.

See Also: Live Webinar | The Role of Passwords in the Hybrid Workforce

(ISC)², which already issues the Certified Information Systems Security Professional, or CISSP, credential, is working with the Health Information Trust Alliance to develop the new healthcare-specific certification. If all goes according to plan, training and testing could be available by the second or third quarter of 2013, says Daniel Nutkis, CEO at HITRUST, a non-profit educational group best known for its Common Security Framework, a free guide to implementing security controls to comply with various regulations, including HIPAA.

Preparation Work

In January, (ISC)² and HITRUST will convene a meeting of experts to begin discussing metrics for the qualifications of healthcare information security professionals. Eventually, HITRUST will offer a training program for those preparing to take an exam to earn the new (ISC)² healthcare-specific credential, Nutkis explains.

"CISSP is a great credential, but it's very technical in nature," Nutkis says. Testing to earn the new healthcare credential will go beyond measuring technical aptitude to also assess expertise in relevant industry-specific privacy and security regulations, and the necessary policies and procedures to comply with those rules, he adds.

"The new credential will measure a much broader set of skills for anyone implementing or managing systems that contain PHI [protected health information]," Nutkis says.

Improved training and credentialing is needed in light of the ongoing adoption of electronic health records, increasingly sophisticated cybersecurity threats and complex healthcare regulations, says W. Hord Tipton, (ISC)² executive director. "We believe that an organization's privacy and security programs are significantly enhanced when properly trained and experienced individuals are involved," he says.

About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.