(ISC)² - Official HCISPP Boot Camp

Exclusive provider of award-winning, authorized (ISC)² CISSP certification boot camps.

Training Information

Duration: 4 days (35 hours)

Course Overview

Our Official (ISC)² HCISPP Boot Camp is a 4-day proprietary course is a comprehensive review of healthcare security and privacy concepts and industry best practices, with a foucus on preparing to achieve HCISPP certification.


As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected – including growing volumes of electronic health records, new government regulations, and a more complex IT security landscape – there is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive information.


Our course content is designed in partnership with leading experts in the healthcare field, (ISC)², and Training Camp subject matter experts, creating the most comprehensive, complete review of healthcare security and privacy concepts and industry best practices. We have designed the only course in the market that is approved by (ISC)² , will reinforce your knowledge of the HCISPP CBK. and prepare you for on-site delivery of the HCISPP exam at end of course.



Request Quote

What is HCISPP℠ - HealthCare Information Security and Privacy Practitioner?

HCISPPs provide the frontline defense in protecting health information. Backed by (ISC)², a global not-for-profit organization that delivers the gold standard for information security certifications, the HCISPP credential confirms a practitioner’s core knowledge and experience in security and privacy controls for personal health information.

Training Camp's (ISC)² HCISPP Boot Camp Highlights

Only (ISC)² Official Boot Camp Training Provider

- Training Camp is the only approved accelerated training partner for (ISC)². We are held to the highest level of quality assurance for all of our (ISC)² program offerings.


Customized 100% Updated Official (ISC)² Courseware

- Courseware designed from the extensive work from (ISC)² Instructors, Training Camp Subject Matter Experts, and feedback from the contributions from (ISC)² members.


(ISC)² Approved HCISPP Certified Instructors

- We utilize (ISC)2 instructors, crossed trained directly by the consortium & Training Camp. This team uses this direct exam access unavailable to other company, and is committed to delivering the highest standard in cyber security training. Ever wonder how "HCISPP" trainers know what is on a test they should have only taken once?


Detailed Evening Review & Official (ISC)² Practice Exam

- This zero-distraction, accelerated review includes value-added evening review sessions & official (ISC)2 practice exams - representative of the actual exam questions from (ISC)², not from a "self-proclaimed" expert.


Hosted Onsite Official HCISPP Exam

- We host the official (ISC)² HCISPP exam at the end of the class for our students. These examinations are delivered at our site - with (ISC)2 approval - not at 'local' testing centers that are subject to seat availability. This is a perk of being a student with an Official Training Provider.


Why choose Training Camp for your HCISPP Training

You will learn more

A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Training Camp our goal is not to "get you out early", but to provide you with as much access as you need to learn and prepare for the HCISPP exam taken at the end of class. Your success towards earning HCISPP certification is our benchmark.


You will learn & certify faster

Chances are, you will have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the Official (ISC)² material in a way that ensures you will learn faster and more easily, and leave with HCISPP exam completed at the end of class.


You will do more than study courseware

We use relevant scenario labs, case studies and Official (ISC)² practice tests to make sure you can apply your new knowledge not just to the new HCISPP exam, but to your work environment after class. Our instructors also use creative demonstrations about real-world application of topics to keep the day interesting and engaging along the way.


We have proven results

For over 12 years, Training Camp has provided more (ISC)² certification programs than any other company in the market, picked by (ISC)² as the Exclusive Education Provider of approved examp preparation programs. This experience helps prepare our students better than any other provider, with a pass rate of over 95%.


Course Formats

Public Classroom Training

Live, instructor-led HCISPP certification training at our training facilities with HCISPP testing onsite.


Private Onsite/Group Training

Train large or small groups privately, efficiently, and cost effectively with tailored curriculum delivered to your facility, at a location of your choice with HCISPP certification testing.


100% (ISC)² HCISPP Certification Guarantee

Not that we plan on you needing it, but if a student completes our (ISC)² HCISPP prep course without having successfully passed the HCISPP exam after our onsite HCISPP testing, the student may re-attend that program for a period of up to one year, and also take advantage of our award winning instructors for mentoring.


Is HCISPP Certification Right For Me?

If you are looking to learn more about healthcare security, privacy and protecting patient health information, then the HCISPP Certification is the right choice for you.




Training Camp's Official (ISC)² HCISPP 4-Day Curriculum


The following curriculum is authorized by (ISC)² and prepares students for on-site delivery of the following exam:

  • Official (ISC)² HCISPP Examination

HCISPP candidates must have a minimum of two years of cumulative experience in one domain of the credential with the exception that one year of the cumulative experience must be in any combination of the first three domains in Healthcare (Healthcare Industry, Regulatory Environment in Healthcare, and Privacy & Security in Healthcare). The remaining one year of experience can be optionally in any of the remaining three HCISPP domains (Information Governance and Risk Management, Information Risk Assessment, and Third Party Risk Management), and does not have to be related to the Healthcare Industry.


Healthcare Industry

The healthcare industry is exceedingly diverse, consisting of various organizations such as small physician practices and large health systems, laboratories, pharmaceuticals, biomedical companies, private and public payers, regulators and public health organizations, all of which rely on the efficient and effective exchange of patient-related information. HCISPP candidates should be able to understand the diversity of the healthcare industry, the types of technologies and flows of information that require various levels of protection, and how healthcare information is exchanged within the industry.


Key Areas of Knowledge

  • Understand the Healthcare Environment
  • Understand Third-Party Relationships
  • Understand Foundational Health Data Management Concepts

Regulatory Environment

Patient treatment, payment, operations and related healthcare functions such as data analytics and research often require the routine exchange of sensitive patient health information. As a result, the healthcare industry receives a significant amount of oversight in many countries around the globe, and there are numerous laws, regulations, and best practice frameworks that specifically address the privacy and security of patient health information impacting what, when, how and with whom this information may be exchanged. HCISPP candidates should be able to identify and understand relevant legal and regulatory requirements related to health information, including requirements for trans-border data exchange, and help ensure their organization’s policies and procedures are in compliance.


Key Areas of Knowledge

  • Identify Applicable Regulations
  • Understand International Regulations and Controls
  • Compare Internal Practices Against New Policies and Procedures
  • Understand Compliance Frameworks (e.g., ISO, NIST, Common Criteria, IG Toolkit, Generally Accepted Privacy Principles [GAPP])
  • Understand Responses for Risk-Based Decision
  • Understand and Comply With Code of Conduct/Ethics in a Healthcare Information Environment

Privacy and Security in Healthcare

Healthcare organizations continue to face a multitude of challenges, not the least of which is the need to apply a reasonable standard of due care and due diligence to safeguard the confidentiality, integrity and availability of healthcare information and comply with the inherent right of patients and their families to privacy—the freedom from unwanted intrusion into one’s personal affairs. HCISPP candidates should have a basic understanding of security and privacy concepts and principles, the relationship of security and privacy, and the types of information requiring protection in the healthcare industry.


Key Areas of Knowledge

  • Understand Security Objectives/Attributes
  • Understand General Security Definitions/Concepts
  • Understand General Privacy Principles (e.g., OECD Privacy Principles, GAPP, PIPEDA, UK Data Protection Act 1998)
  • Understand the Relationship Between Privacy and Security
  • Understand the Disparate Nature of Sensitive Data and Handling Implications

Information Governance and Risk Management

The healthcare environment can be exceedingly complex due to escalating threats and the myriad ways in which information must be utilized to provide patient-centered care, improve clinical outcomes, and support business goals and objectives. These challenges exist for all types of healthcare organizations, whether a large insurance conglomerate or small physician practice group, and the cost of managing information-related risk continues to grow. Organizations must formally establish and be actively engaged with their security and privacy programs to address these challenges and ensure appropriate levels of due diligence and due care are provided for the cost-effective protection of sensitive health-related information. HCISPP candidates should understand how organizations manage information risk through security and privacy governance, basic risk management methodology and lifecycles, and the principle risk activities they are likely to support.


Key Areas of Knowledge

  • Understand Security and Privacy Governance
  • Understand Basic Risk Management Methodology
  • Understand Information Risk Management Life Cycles (e.g., NIST, CMS, ISO)
  • Participate in Risk Management Activities

Information Risk Assessment

One of the most important aspects of risk management is the assessment of risk. It occurs early in the risk management lifecycle in the initial selection of security and privacy safeguards, when those safeguards are initially implemented, periodically thereafter, and when risk treatments are considered due to a loss of effectiveness or when new risks are identified. HCISPP candidates should understand risk assessment concepts, and be able to identify and participate in risk assessment practices and procedures in their organization.


Key Areas of Knowledge

  • Understand Risk Assessment
  • Identify Control Assessment Procedures From Within Organization Risk Frameworks
  • Participate in Risk Assessment Consistent With Role in Organization
  • Participate in Efforts to Remediate Gaps

Third Party Risk Management

The flow of information between a healthcare organization and external third parties can present significant security, privacy and compliance-related risks due to the complex relationships required to support patient treatment, payment, operations and related healthcare functions such as data analytics and research. As such, organizations should proactively manage third party risks through a robust third party risk management program. HCISPP candidates should be able to identify third party relationships based on their use of health information, help manage third party relationships, and determine when additional security and privacy assurances are required. Candidates should also be able to support the assessment of third parties, respond to third party security and privacy events, and participate in the mitigation of third party risks.


Key Areas of Knowledge

  • Understand the Definition of Third Parties in Healthcare Context
  • Maintain a List of Third-Party Organizations
  • Apply Third-Party Management Standards and Practices for Engaging Third Parties Based Upon the Relationship With the Organization
  • Determine When Third-Party Assessment Is Required
  • Support Third-Party Assessments and Audits
  • Respond to Notifications of Security/Privacy Events
  • Support Establishment of Third-Party Connectivity
  • Promote Awareness of the Third-Party Requirements (internally and externally)
  • Participate in Remediation Efforts
  • Respond to Third-Party Requests Regarding Privacy/Security Events


Training Camp offers the highest quality education and certification training course package specifically designed for the needs and ease of our students. No matter the location or delivery method of the course, we attend to every detail so our students can focus solely on learning and certification objectives.

 Boot Camp Certification Delivery Expert Instruction
Our instructors – ranging from renowned authors to senior information technology professionals - draw on an average of 15+ years of experience in the fields in which they teach.
 Exam Voucher and Certification Testing On-Site Certification Testing
Training Camp is an authorized testing center for most major vendor exams, allowing students to take exams as soon as they are ready at class.
 Training Hotel Package Hospitality Packages
Some of our locations offer optional hotel & travel packages,featuring round trip airfare for select boot camp courses.
 Curriculum Award-Winning Courseware
Our ideas™ methodology design focuses on achieving learning goals for any topics or exams required from all of our courses, for use in and beyond the classroom.
Extended  Certification Training Lab Access 100% Up To Date Content
Training Camp's award-winning curriculum team delivers courseware comprised of a mix of proprietary and partner-driven content to successfully prepare our students for exam success.
 Certification Boot Camp Training Guarantee Certification Pass Guarantee
Certification exam protection, online mentoring, and course re-sits are available options for all of our programs to get you to your outcome.
Should a student complete any of our (ISC)² - Official HCISPP Boot Camp Training Camp Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year. Students will only be responsible for accommodation and vendor exam fees.

*Examination vouchers & on-site testing is not available for PMP, CISA, CISM, and CRISC boot camps.

Training Camp is proud to share in our students' success. Here is what they are saying about us:

Processing ...
View  Training Schedule and Pricing
Download Brochure
Request Quote
Add to Cart