(ISC)² HCISPP Training Course


Course Overview

Jumpstart your healthcare cybersecurity career with the only certification that combines cybersecurity skills with privacy best practices and techniques. Our three-day (ISC)² Healthcare Information Security and Privacy Practitioner (HCISPP) bootcamp provides a deep dive into healthcare security and privacy concepts, as well as industry best practices. We’ll take a comprehensive look at this complex regulatory environment, and cover the six domains of the (ISC)² HCISPP Common Body of Knowledge (CBK) that are central to the certification exam.


Live Instructor


Our most interactive learning mode provides maximum face-to-face interaction.

From $2790

Live Online


Delivered by a live instructor - you attend virtually from your home or office.

From $2790


Group Training


Bring our world-class instructors on site to deliver interactive HCISPP training to your whole team.



No public courses are currently scheduled, but we can deliver this course onsite at your location. Contact us for a quote.



This course features an in-depth look at the six (ISC)² HCISPP domains (Healthcare Industry, Regulatory Environment, Privacy and Security in Healthcare, Information Governance and Risk Management, Information Risk Assessment, and Third-Party Risk Management) that largely make up the (ISC)² HCISPP certification exam.

While there aren’t any formal prerequisites to take the (ISC)² HCISPP training course itself, it is recommended that attendees have at least two years of experience in one or more of the security, compliance, or privacy knowledge areas. Compliance experience may be substituted with legal experience, and privacy experience can be replaced with information management experience. Of the two years of required experience, one of the years must be in the healthcare industry.

It’s a 4-day bootcamp training course.

Individuals who hold the PMP certification will earn 32 PDUs through the training course.

You’ll get a course book, practice (ISC)² HCISPP exam questions, and an exam voucher. Of course, your tuition also includes priceless group activities, as well as discussions and bagels.

Our (ISC)² HCISPP training course is designed for IT professionals who want to build their expertise and be at the forefront of patient health information protection. That said, it’s a good course for anyone interested in learning more about the six domains or sitting for the (ISC)² HCISPP certification exam.

The HCISPP exam uses Computerized Adaptive Testing (CAT) for all English exams. HCISPP exams in all other languages are administered as linear, fixed-format exams.

Length of exam: 3 hours
Number of questions: 125 multiple choice
Passing grade: 700 or higher

As an (ISC)² member or associate, you must earn CPEs to actively maintain your healthcare security certification. All CPE activities must be completed or earned during the three years of each certification cycle and no later than the certification expiration date (the end of your certification cycle).

At the end of the three-year certification cycle, when both required CPE credits and Annual Maintenance Fee (AMF) payment requirements are met, your membership will renew to a new three-year certification cycle.


This session of our (ISC)² HCISPP training covers understanding the diversity of the healthcare industry, types of technologies involved, information flow, and protection levels. We’ll also cover third-party relationships, the healthcare environment, and health data management concepts.

We’ll focus on the identification and understanding of related regulatory and legal requirements, and organizational policies and compliance procedures. This session also covers international regulations and controls, internal practices compared to new policies and procedures, compliance frameworks and generally accepted privacy principles, and applicable regulations.

This domain focuses on providing students with an understanding of the concepts and principles of healthcare security and privacy, as well as the protection of various types of information. We’ll also cover security objectives and attributes, the relationship between privacy and security, general security concepts, general privacy principles, and the disparate nature of sensitive information and its implications.

This component of our (ISC)² HCISPP training includes how to manage information risk through the governance of security and privacy, risk management lifecycles, and principal risk activities. We’ll also cover security and privacy governance, risk management activities, information risk lifecycles, and basic risk management methodologies.

We’ll take a deep dive into understanding the concept of risk assessment, as well as identifying and participating in risk assessment practices and processes, identifying the control assessment procedures, and how to remediate gaps.

You’ll learn how to identify suitable third-party based information, manage relationships with third parties, and determine when additional security and privacy assurances are needed. This course focuses on third-party requirements, third-party management standards, third-party connectivity, third-party assessments and audits, security/privacy events, remediation efforts, and healthcare definitions of third parties.

Why Beyond20

How We Teach

People learn differently, so we use a variety of methods to teach concepts throughout the course. In addition to exam preparation and practice quizzes, you'll engage in round-table discussions, group exercises, and games designed to give practical context to the concepts. We take this approach not only because it's more interesting and fun than simply memorizing vocabulary, but because it works.

All of our instructors are experienced practitioners with real-world cyber security expertise. (Real experience, too. Like, former-CIO-level experience.)

We're a US-based organization with offices in DC, Phoenix, and San Diego.

Industry-Leading Course Materials

All of our courseware is reviewed multiple times a year to ensure it's up to date, in line with best practice standards, and effective! We incorporate feedback from students to constantly improve our course books, in-class activities, and (sorry) homework. The goal is to provide you with the tools to not only get you through class and pass the exam, but also to have a reliable reference when you get back to the office.

We don't just teach to the exam (though we certainly do that), we also give you practical and personalized tools you can take back to work.

We're a Registered Education Provider with PMI, so if you're PMP Certified, the course will earn you PDUs!
