Online Training Course
Security Essentials for Health IT
Build critical cybersecurity knowledge and skills needed by health IT teams to protect patient data and reduce organizational risk.
The role of an IT professional is changing–particularly in the healthcare industry where digital transformations and increased connectivity of critical medical equipment has made it the target of cyber attacks. Health IT professionals are increasingly taking on cybersecurity tasks to combat these growing threats, yet often encounter knowledge gaps that inhibit cybersecurity capabilities.
CyberVista’s Security Essentials for Health IT is a five (5) hour, 100% online course designed to teach IT professionals foundational cybersecurity concepts and lexicon, with a specific emphasis on their impact in protecting patient data and reducing risk within healthcare organizations.
Relevant and Specific Training
This course was intentionally designed for IT and cyber-enabled teams within healthcare organizations. From start to finish, our course content addresses cybersecurity threats and vulnerabilities associated with protecting patient data and maintaining medical equipment, while incorporating real-world examples from healthcare cybersecurity and IT leaders.
It is recommended to have some experience in IT or computer networking. However, there are no formal prerequisites.
For individuals who complete the Security Essentials for Health IT course, CompTIA’s Security+ is the perfect introductory cybersecurity certification to demonstrate a firm grasp on foundational cybersecurity concepts and skills. Individuals looking for a deeper dive into cybersecurity concepts as they relate to protecting patient health information, with an emphasis on privacy and compliance specific to the healthcare industry, should pursue (ISC)²’s HCISPP (HealthCare Information Security and Privacy Professional) certification.
Who should take this course?
This introductory course is designed for health IT and entry-level healthcare cybersecurity professionals, and beneficial to individuals who regularly access or maintain sensitive patient data or medical technology.
- Clinical Engineers who need a foundational understanding of cyber threats and vulnerabilities related to maintaining medical equipment.
- IT Help Desk whose daily responsibilities have grown to include cybersecurity tasks.
- Systems or Network Administrators who assess security posture and implement appropriate solutions to combat ransomware and data breaches.
- New or transitioning cybersecurity practitioners who need to develop fundamental cybersecurity skills.
Benefits of Training
Organizations participating in this offering will experience the following major benefits:
- Efficiently build cybersecurity knowledge, skills, and abilities related to health IT responsibilities.
- Increase confidence and ability to converse on, and handle, cybersecurity incidents.
- Close cyber talent gaps by upskilling or reskilling health IT practitioners.
THIS OFFERING INCLUDES
An intelligent solution.
Easily administer a diagnostic assessment is used to determine each team member’s strengths and weaknesses.
Engage with introductory videos, modular lessons, and interviews with Health IT experts.
Take-home activities and hands-on labs reinforce practical applications of security concepts.
Participants conclude training with a final assessment to determine improvement across knowledge and skills.
As a true foundational curriculum, the Security Essentials for Health IT course spans five major domains that establishes foundational cybersecurity knowledge, examines vulnerabilities of an organization’s network and devices from internal and external threats, and common defenses to reduce risk. Click on the sections below to see the expanded topic areas within each domain.
Unit 1: Risk, Privacy, and Data Protection
This unit provides an introduction to cybersecurity, including important industry words and phrases to establish a common lexicon.
- Defining Cybersecurity
- CIA Framework
- CIA Framework Applied to Healthcare
- Defining Risk
- Privileged Access
- Defining Sensitive Data
- Laws, Regulations, and Compliance Initiatives in Cybersecurity
- HIPAA and Cybersecurity
Unit 2: IoT, Cloud, and Critical Networking Protocols
This unit examines insecure aspects of network and device communication, It also highlights the fact that many services and devices are insecure by default and not designed with security in mind.
- The Network
- IoT Devices
- Healthcare IoMT
- Cloud Computing
- Cloud Computing in Healthcare
Unit 3: External and Internal Threats
This unit examines internal and external methods attackers use to exploit vulnerabilities, including technical, network-based attacks (MITM, DoS) and non-technical attacks (social engineering).
- Threat Actors
- Third Parties
- Third Parties in Healthcare
- Social Engineering
- Social Engineering in Healthcare
- Man-in-the-Middle (MITM) Attacks on Healthcare Networks
- DoS Attacks
- Boston Children’s Hospital DDoS
- WannaCry Ransomware
Unit 4: Defenses and Countermeasures
This unit covers common defenses against threat actors, such as VPNs and network segmentation, as well as less technical efforts that can be used across teams and business leaders.
- Network Segmentation
- Network Segmentation in Healthcare
- Securing Telehealth
- Incident Response
- Patch Management
- Patch Management in Healthcare
Unit 5: Communication, Collaboration, and Third-Party Management
This unit covers cloud development environments, secure deployment configurations, and monitoring services configuration.
- Communicating About Cybersecurity
- Communicating with Physicians
- Writing Cybersecurity Reports
- Connection Between IT and Cybersecurity Teams
- Communicating with Third Parties
This course includes:
- 4 hours on-demand training videos
- Practical, hands-on activities
- 15 question diagnostic exam
- 15 question final exam
- 15 knowledge check questions
- Health IT expert interviews
- Performance Tracker
- Summary Video
- Deep-dive into notable breaches and cyber incidents
Request more information on training options for your cybersecurity teams. Private classes are available.
Security Essentials for Health IT FAQs
How is training delivered?
The standard training modality of the course is video-on-demand. Participants have access to all training tools including video lessons, guided labs, knowledge checks, and more within our proprietary LMS for 180-days. Live online instruction is available upon request.
Does this course train towards a certification?
No. While certain units and topics may reflect select certifications, the intended purpose of the Security Essentials for Health IT course is not to prepare for an exam but to cover the foundational concepts, processes, and regulations related to cybersecurity in Health IT.
Who are the instructors of the course?
- Sam Meisenberg, Cybersecurity Instructor, Curriculum Developer, CISSP, Security+, CEH
- David Lehr, Chief Strategy Officer at Meritus Health
- Saad Chaudhry, Chief Information Officer at Luminus Health
- Scott McClure, Sr. Director, Technology at the Graham Holdings Company
Is a certificate of completion available?
Yes! Participants receive a digital badge once they have successfully completed the course. This badge can be displayed on social profiles or email signatures. Click here to learn more about CyberVista’s digital badging.