Cybersecurity is a major concern for any organization that gathers and stores data, but perhaps none so much as those in healthcare.
Besides the usual hacker targets such as credit card, bank account and Social Security numbers, medical professionals also store data most people would consider intimate and private. Stolen health information could be used to threaten a person’s employment or for other blackmail purposes. Insidious cybercrime weapons such as ransomware can shut down a hospital’s operations, potentially endangering lives.
It’s also a huge financial burden: The healthcare industry spends $1.3 billion annually dealing with endpoint security attacks. (An endpoint is the user device at the end of a computer network, such as a desktop or laptop computer.)
The informaticists and data analysts employed by healthcare organizations are acutely aware of the value of the data they work with daily, as well as the dangers to that data presented by cybercriminals.
There are many certifications health IT professionals can pursue in order to add to their skill set and beef up their resumes. One that may prove valuable while helping you make data more secure is IAPP certification.
The International Association of Privacy Professionals is a nonprofit organization dedicated to promoting, researching and improving information privacy. It is considered the largest and most comprehensive global information privacy community and resource. Among IAPP’s efforts are its certifications which, according to the IAPP website, are “specifically designed for professionals who manage, handle and access data.”
The IAPP’s three certifications cover different areas of privacy and are aimed at professionals who work in and are responsible for different functions in an organization. The certifications are:
- CIPP (Certified Information Privacy Professional): IT and business skills company Global Knowledge calls the CIPP “the preeminent credential in the field of privacy.” The CIPP focuses on laws and regulations with five individual variations covering specific regulation of Asia, Europe, Canada, the U.S. government and the U.S. private sector. Candidates who earn the certification should have a knowledge of “global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more,” according to IAPP.
- CIPM (Certified Information Privacy Manager): The CIPM is geared toward privacy leadership. Those professionals responsible for areas such as risk management, accountability and privacy analytics. CIPM Certification covers the creation of a company privacy vision, structuring a privacy team, developing and implementing a privacy program framework, communication with stakeholders, measuring performance and what IAPP refers to as the “privacy program operational lifecycle.”
- CIPT (Certified Information Privacy Technologist): This certification is aimed at privacy specialists, those charged with designing and putting together an organization’s privacy structure. Certification holders will have demonstrated their knowledge of privacy concepts and practices that impact IT; consumer privacy expectations and responsibility; how to initiate privacy in the early stages of IT products and services for cost control, accuracy and speed-to-market; establishing privacy practices for data collection and transfer; preventing privacy issues in the internet of things; factoring privacy into data classification and emerging tech such as cloud computing, facial recognition and surveillance; and communication of privacy issues with the management, development, marketing and legal departments.
As informaticists look to set up a data collection and analysis architecture and analytics professionals examine what to do with and how to share that information, keeping best security and privacy practices top of mind is vital. Attaining an IAPP certification in addition to your degree or graduate certificate is a good way to show employers you possess the necessary body of knowledge regarding privacy best practices.
IAPP continuing Continuing Privacy Education (CPE) credits are also available from a variety of web and in-person conferences, including some that can be earned at the annual HIMSS conference.