HITRUST Academy offers the only training courses designed to educate healthcare security professionals about information protection in the healthcare industry and the utilization of the HITRUST Common Security Framework (CSF) to manage risk. The courses are intended to prepare security professionals for assessing against the evolving compliance landscape shaped by HITECH, HIPAA, CMS and various other federal, state and business requirements.
HITRUST Academy courses are recommended for any security professional from a healthcare organization that is responsible for protecting health information or is planning to implement the CSF and prepare for a self or third party assessment.
Courses offered through HITRUST Academy include Practical Applications for Health Information Protection, and Practical Applications for the CSF and CSF Assurance Program.
Practical Applications for Health Information Protection
Content for this course is delivered at the participants convenience via an online learning management system and takes approximately eight hours to complete. The course is recommended for all employees involved in health information protection. Completion of the course is a prerequisite for attending any onsite course.
- Overview of the healthcare industry, including key players and how they interconnect
- Analysis and discussion of trends in the industry relating to privacy and security (e.g., challenges and constraints, top concerns and initiatives)
- Overview of the regulatory landscape that affects healthcare organization (e.g., compliance agencies, standards, regulations)
- Review of market dynamics and the challenges facing healthcare
- Introduction to HITRUST and the CSF
- Discussion of risk management and its relation to the CSF
- Review of the CSF Assurance Program
Practical Applications for the CSF and CSF Assurance Program
Content for this course is delivered by an instructor in a classroom setting in Frisco, Texas, and includes in-depth instruction on risk management practices, and how to implement the CSF and utilize the methodology to perform assessments and validate compliance. The curriculum is supported by case studies, hands-on learning and real-world application of the knowledge learned. The course is recommended for professionals preparing to implement the CSF and prepare for a self or third party assessment.
Attendees must have completed Practical Applications for Health Information Protection within the last six months and should come equipped with a personal computer running a Windows Operating System.
- Thorough review of the structure of the CSF, including the control objectives, multiple levels of implementation requirements, risk factors and authoritative sources cross referenced
- Detailed explanation of MyCSF, including a review of each component and case studies with hands-on use of each component
- Overview of the CSF Assurance Programs as a means of managing and communicating security internally and with third parties (e.g., business associates, customers, vendors)
- Introduction to the tools and methodology for utilizing the CSF
- Discussion of best practices for adoption and performing an assessment
- Explanation of the differences between CSF Validated and CSF Certified and the value to an organization
- A review of the requirements for CSF certification
The course is required for individuals working as part of a HITRUST CSF Assessor organization who wish to provide HITRUST and CSF-related services. Attendees must pass the Practitioner Exam delivered on the final day of the course in order to become a Certified CSF Practitioner (CCSFP).
Schedule and Pricing
The cost for Participants in Practical Applications for Health Information Protection is $2,000; the total cost for both courses is $3,000.
HITRUST offers organizations a one-year unlimited use license for their employees to participate in Practical Applications for the CSF. Organizations may also host, at their own location, Practical Applications for the CSF and CSF Assurance Program. Attendance is limited to employees of the hosting organization. For more information, please contact email@example.com.
For more information on HITRUST Academy courses, please call 469.269.1110 or email education@HITRUSTalliance.net.