In this course, managers are introduced to essential information security principles and concepts. These concepts are critically important in the healthcare sector as a data breach can have far-reaching consequences for individuals and organizations. Beyond financial losses and the embarrassment of having personal information exposed online, a security breach in healthcare can result in a patient becoming seriously injured or killed.
This course is designed to help managers navigate crucial cybersecurity concepts as applied to HITECH and HIPAA-covered entities. Learners will explore the reasons why breaches occur, the motivation of attackers, and how to protect Personal Health Information (PHI) while it is in use, in storage, and in transit across a network.
- Discuss the importance of information security/cybersecurity as it pertains to healthcare entities
- Explain why certain security trends are increasing and how the top internal and external threats can be mitigated
- Demonstrate how the CIA triad and security governance tools can be applied in an organization
- Illustrate various healthcare laws and standards and employ the most appropriate compliance resources for one's organization
- Describe physical security controls that enhance security
- Assess various access and identity management controls, including knowledge, possession, and inherence-based techniques
- Compare and contrast administrative, technical, physical, and audit controls
- Differentiate between cryptosystems, ciphers, digital signatures, and hashes
- Demonstrate how risk management principles and frameworks are combined to reduce risk
- Explain how you would create a continuity of operations plan (COOP) and incorporate an effective disaster recovery plan (DRP)
- Apply incident management, forensic investigation, and audit principles
- Prepare for common cybersecurity attacks through security awareness training and mitigate these using best practices
IACET CEUs: .5 (Contact Hours: 5 hours)