The HealthCare Information Security and Privacy Practitioner (HCISPP) standard has been put together by information security body ISC² as a means of providing an industry-wide qualification for those handling sensitive data.
Tim Wilson, a member of ISC² and deputy head of ICT at NHS City and Hackney, told V3 that the need for such a qualification has come about as growing amounts of sensitive digital data is being collected by healthcare organisations.
“The changes that are going on in healthcare, such as the move to go paperless and rising cloud use, means there is real need for this type of standard," he said.
“As such several members of CISPP met up on a number of occasions in various places over the world and hammered out the details of what it should cover and the areas we need to be testing.”
The course sets out to cover six main areas that affect the collection, storage and use of data that healthcare professionals need to ensure they are fully component on. These include:
- Healthcare industry
- Regulatory environment
- Privacy and security in healthcare
- Information governance and risk management
- Information risk assessment
- Third party risk management
“If you look around the world the standards in most areas are based on very similar ideals. This means you are going to have to revise for this certification, it’s not just something you can walk into,” he said.
To sit the exam healthcare staff will need at least two years of experience in a relevant role and at least one of these two years must have been in the healthcare profession.
The exam consists of 125 multiple choice questions based on a mixture of straight knowledge and scenario-based situations. No pass mark has been made public for those who sit the exam.
The course could prove popular within the NHS and related healthcare fields as numerous data blunders have affected the sector over the years, leading to many fines from the Information Commissioner’s Office.
No comments:
Post a Comment