HITRUST Academy

HITRUST Academy offers the only training courses designed to educate healthcare security professionals about information protection in the healthcare industry and the utilization of the HITRUST Common Security Framework (CSF) to manage risk. The courses are intended to prepare security professionals for assessing against the evolving compliance landscape shaped by HITECH, HIPAA, CMS and various other federal, state and business requirements.

HITRUST Academy courses are recommended for any security professional from a healthcare organization that is responsible for protecting health information or is planning to implement the CSF and prepare for a self or third party assessment.

Courses offered through HITRUST Academy include Practical Applications for Health Information Protection, and Practical Applications for the CSF and CSF Assurance Program.

Practical Applications for Health Information Protection

Content for this course is delivered at the participants convenience via an online learning management system and takes approximately eight hours to complete. The course is recommended for all employees involved in health information protection. Completion of the course is a prerequisite for attending any onsite course.

Topics include:

  • Overview of the healthcare industry, including key players and how they interconnect
  • Analysis and discussion of trends in the industry relating to privacy and security (e.g., challenges and constraints, top concerns and initiatives)
  • Overview of the regulatory landscape that affects healthcare organization (e.g., compliance agencies, standards, regulations)
  • Review of market dynamics and the challenges facing healthcare
  • Introduction to HITRUST and the CSF
  • Discussion of risk management and its relation to the CSF
  • Review of the CSF Assurance Program

Practical Applications for the CSF and CSF Assurance Program

Content for this course is delivered by an instructor in a classroom setting in Frisco, Texas, and includes in-depth instruction on risk management practices, and how to implement the CSF and utilize the methodology to perform assessments and validate compliance. The curriculum is supported by case studies, hands-on learning and real-world application of the knowledge learned. The course is recommended for professionals preparing to implement the CSF and prepare for a self or third party assessment.

Attendees must have completed Practical Applications for Health Information Protection within the last six months and should come equipped with a personal computer running a Windows Operating System.

Topics include:

  • Thorough review of the structure of the CSF, including the control objectives, multiple levels of implementation requirements, risk factors and authoritative sources cross referenced
  • Detailed explanation of MyCSF, including a review of each component and case studies with hands-on use of each component
  • Overview of the CSF Assurance Programs as a means of managing and communicating security internally and with third parties (e.g., business associates, customers, vendors)
  • Introduction to the tools and methodology for utilizing the CSF
  • Discussion of best practices for adoption and performing an assessment
  • Explanation of the differences between CSF Validated and CSF Certified and the value to an organization
  • A review of the requirements for CSF certification

The course is required for individuals working as part of a HITRUST CSF Assessor organization who wish to provide HITRUST and CSF-related services. Attendees must pass the Practitioner Exam delivered on the final day of the course in order to become a Certified CSF Practitioner (CCSFP).

Schedule and Pricing

The cost for Participants in Practical Applications for Health Information Protection is $2,000; the total cost for both courses is $3,000.

HITRUST offers organizations a one-year unlimited use license for their employees to participate in Practical Applications for the CSF. Organizations may also host at their own location Practical Applications for the CSF and CSF Assurance Program. Please contact HITRUST for pricing.

Click here to view the onsite schedule for Practical Applications for the CSF and CSF Assurance Program.

For more information on HITRUST Academy courses, please call 469.269.1110 or email education@HITRUSTalliance.net.

Download the course information sheet to learn more.

Training Details

Schedule
HITRUST Academy Home

Access the CSF

The CSF is available as a PDF through HITRUST Central or with a subscription to MyCSF, a secure, Web-based solution for performing assessments, managing remediation activities, and reporting and tracking compliance.

MyCSF
HITRUST Central

CSF Assurance Program

Learn how the program simplifies compliance assessment and reporting through a common set of information security requirements.

News Events