Healthcare Data Security & Risk Management

Acquérir des compétences de haut niveau avec Coursera Plus pour 199 $ (régulièrement 399 $). Économisez maintenant.

Ce cours n'est pas disponible en Français (France)

Nous sommes actuellement en train de le traduire dans plus de langues.

Healthcare Data Security & Risk Management

Instructeurs : Joy Ardanaz

Inclus avec

6 modules

Obtenez un aperçu d'un sujet et apprenez les principes fondamentaux.

niveau Avancées

Conçu pour les professionnels de ce secteur

9 heures à compléter

Planning flexible

Apprenez à votre propre rythme

6 modules

Obtenez un aperçu d'un sujet et apprenez les principes fondamentaux.

niveau Avancées

Conçu pour les professionnels de ce secteur

9 heures à compléter

Planning flexible

Apprenez à votre propre rythme

Ce que vous apprendrez

Analyze healthcare data protection requirements and evaluate compliance strategies.
Evaluate healthcare cybersecurity threats and design effective security controls.
Apply risk assessment methodologies to healthcare IT environments and develop comprehensive risk management plans.
Create and evaluate incident response and breach management strategies for healthcare organizations.

Compétences que vous acquerrez

Catégorie : Cyber Risk
Catégorie : Risk Management Framework
Catégorie : Incident Response
Catégorie : Security Management
Catégorie : Data Management
Catégorie : Computer Security Incident Management
Catégorie : Incident Management
Catégorie : Medical Privacy
Catégorie : Cybersecurity
Catégorie : Risk Management
Catégorie : Personally Identifiable Information
Catégorie : Regulatory Compliance
Catégorie : Threat Management
Catégorie : ISO/IEC 27001
Catégorie : Cyber Security Assessment
Catégorie : Data Security
Catégorie : Security Controls
Catégorie : Health Information Management
Catégorie : Compliance Management
Catégorie : Health Insurance Portability And Accountability Act (HIPAA) Compliance

Détails à connaître

Certificat partageable

Ajouter à votre profil LinkedIn

Récemment mis à jour !

janvier 2026

Évaluations

4 devoirs

Enseigné en Anglais

Découvrez comment les employés des entreprises prestigieuses maîtrisent des compétences recherchées

En savoir plus sur Coursera pour les affaires

logos de Petrobras, TATA, Danone, Capgemini, P&G et L'Oreal

Il y a 6 modules dans ce cours

In today’s digital healthcare ecosystem, patient data represents both an invaluable asset for advancing care and a prime target for malicious actors. Electronic health records (EHRs), connected medical devices, telemedicine platforms, artificial intelligence tools, and third-party vendor relationships all contribute to an increasingly complex risk environment. This course, “Healthcare Data Security & Risk Management,” introduces and equips healthcare IT professionals, compliance officers, risk managers, and healthcare administrators with the knowledge and skills to analyze, evaluate, and strengthen their organization’s data protection and risk management strategies.

Over the span of four hours, learners will explore the regulatory, technical, and operational dimensions of safeguarding protected health information (PHI) and electronic PHI (ePHI). The course is designed at an advanced level, demanding higher-order thinking—learners will analyze, evaluate, and create strategies to manage health data in real-world, high-risk scenarios. The course begins with a strong foundation in healthcare data protection fundamentals, including HIPAA Security Rule requirements, data classification, lifecycle management, and the principle of minimum necessary use. This grounding ensures all learners can critically evaluate compliance obligations and data governance structures. This course is designed for healthcare IT professionals, compliance officers, cybersecurity analysts, risk managers, healthcare administrators, and professionals transitioning into healthcare security roles. If you’re responsible for protecting patient data or managing regulatory risk, this course equips you with the frameworks and tools you need. Learners should have basic knowledge of healthcare IT systems and a general understanding of regulatory compliance. Familiarity with cybersecurity concepts is helpful but not required; the course provides the context needed to apply security principles effectively in healthcare environments. By the end of the course, learners will not only understand compliance requirements and risks, but also synthesize knowledge into practical policies, risk management frameworks, and incident response strategies tailored to their organizations. The course’s blend of conceptual videos, demonstrations, assigned readings, discussions, and hands-on lab activities ensures an engaging and applied learning experience.

In this course, you’ll learn how to protect sensitive patient data across modern healthcare systems using clear, practical methods. You’ll break down regulatory requirements, analyze real attack scenarios, and apply hands-on techniques to secure EHRs, medical devices, telemedicine platforms, and cloud-based environments. Through step-by-step labs and case studies, you’ll assess threats, build risk-management plans, and practice incident response approaches grounded in HIPAA and industry frameworks. By the end, you’ll be able to strengthen your organization’s security posture, manage healthcare risks with confidence, and respond effectively to breaches in today’s high-risk healthcare landscape.

Inclus

1 vidéo1 lecture

In this module, you’ll learn how healthcare data is classified, governed, and protected under strict regulations like HIPAA. We’ll explore why PHI and ePHI are prime targets, how the Security and Privacy Rules shape daily operations, and what “minimum necessary” looks like in real workflows. You’ll also walk through data lifecycle management, social engineering risks, and practical ways to build stronger organizational vigilance. By the end, you’ll understand the core compliance and governance principles that anchor every effective healthcare security strategy.

Inclus

10 vidéos2 lectures1 devoir1 évaluation par les pairs1 sujet de discussion

10 vidéosTotal 69 minutes

Module Introduction 1 minute
The Value of PHI/ePHI on the Black Market 7 minutes
Common Attack Vectors in Healthcare 9 minutes
Real-World Data Breach Case Analysis 9 minutes
HIPAA Security Rule and Privacy Rule Primer 7 minutes
Minimum Necessary Standard & Data Lifecycle Management 6 minutes
Mapping Data Flows for Compliance 6 minutes
Phishing, Smishing, and Pretexting in Healthcare 7 minutes
Phishing Simulation Demo 7 minutes
Building a Culture of Vigilance 6 minutes

2 lecturesTotal 10 minutes

HIPAA Security Rule Summary (HHS) 5 minutes
NIST SP 800-66 HIPAA Implementation Guide 5 minutes

1 devoirTotal 20 minutes

Foundations of Healthcare Data Protection20 minutes

1 évaluation par les pairsTotal 20 minutes

Hands-On-Learning: Data Classification Activity 20 minutes

1 sujet de discussionTotal 10 minutes

Evaluating Phishing Awareness Programs 10 minutes

In this module, you’ll examine the evolving threats that put healthcare organizations at constant risk. We’ll dig into ransomware, insider threats, IoMT vulnerabilities, and the emerging dangers tied to AI-driven systems—showing how attackers exploit clinical and operational environments. You’ll also explore essential security controls like MFA, least privilege, segmentation, and Zero Trust, all applied in healthcare-specific scenarios. By the end, you’ll be able to evaluate threats clearly and design practical defenses that balance cybersecurity with patient safety.

Inclus

10 vidéos2 lectures1 devoir1 évaluation par les pairs1 sujet de discussion

10 vidéosTotal 61 minutes

Module Introduction 1 minute
The Evolution of Ransomware in Healthcare 5 minutes
Insider Threats and Malicious Insiders 6 minutes
Analyzing Ransomware Indicators of Compromise 5 minutes
IoMT Device Vulnerabilities & FDA Guidance 6 minutes
AI & Emerging Threats to Healthcare Systems 7 minutes
Simulating a Medical Device Attack Scenario 6 minutes
Multi-Factor Authentication & Least Privilege 7 minutes
Network Segmentation & Zero Trust in Healthcare 7 minutes
Combatting MFA Fatigue: Why Healthcare Workers are Prime Targets 6 minutes

2 lecturesTotal 10 minutes

HIMSS Cybersecurity Survey Report 5 minutes
FDA Medical Device Cybersecurity Guidance 5 minutes

1 devoirTotal 20 minutes

Healthcare Cybersecurity Threat Landscape20 minutes

1 évaluation par les pairsTotal 20 minutes

Hands-On-Learning: Threat Detection Activity20 minutes

1 sujet de discussionTotal 10 minutes

Balancing Patient Safety and Cybersecurity10 minutes

In this module, you’ll learn how to assess and manage cyber risks using frameworks such as NIST CSF, HITRUST, and ISO 27001. We’ll walk through how to build risk matrices, evaluate vulnerabilities, and analyze vendor and third-party exposures that can compromise healthcare systems. You’ll also explore methods for continuous monitoring, from KPIs and KRIs to dashboards that support executive decision-making. By the end, you’ll be able to develop structured, defensible risk management plans tailored to healthcare environments.

Inclus

10 vidéos2 lectures1 devoir1 évaluation par les pairs1 sujet de discussion

10 vidéosTotal 78 minutes

Module Introduction 2 minutes
Comparing NIST CSF, HITRUST, and ISO 27001 7 minutes
Applying Frameworks in Healthcare Environments 7 minutes
Building a Simple Risk Assessment Matrix 8 minutes
Supply Chain Attacks in Healthcare 6 minutes
Best Practices for Vendor Risk Assessment 7 minutes
Using a Vendor Risk Questionnaire Tool 11 minutes
The Role of KPIs & KRIs in Healthcare Cyber Risk 6 minutes
Cyber Risk Dashboards for Executives 6 minutes
Configuring a Basic Risk Monitoring Dashboard 13 minutes

2 lecturesTotal 10 minutes

NIST Cybersecurity Framework 5 minutes
HITRUST Assessment Handbook 5 minutes

1 devoirTotal 20 minutes

Risk Assessment & Risk Management in Healthcare20 minutes

1 évaluation par les pairsTotal 20 minutes

Hands-On-Learning: Risk Register & Risk Assessment Matrix20 minutes

1 sujet de discussionTotal 5 minutes

Continuous vs. Periodic Risk Assessments 5 minutes

In this module, you’ll learn how healthcare organizations prepare for, detect, and respond to cyber incidents and data breaches. We’ll break down the components of an IR plan, explore digital forensics techniques, and walk through recovery strategies that minimize downtime without compromising patient care. You’ll also examine HIPAA breach notification rules, legal considerations, and real-world case studies that show how breaches unfold. By the end, you’ll be able to design and evaluate incident response and breach management plans that meet regulatory expectations and protect patient trust.

Inclus

10 vidéos2 lectures1 devoir1 évaluation par les pairs1 sujet de discussion

10 vidéosTotal 63 minutes

Module Introduction 1 minute
Core Components of Incident Response in Healthcare 5 minutes
Roles & Responsibilities in IR Teams 7 minutes
Drafting an IR Plan in a Sample Template 10 minutes
Best Practices in Digital Forensics for Healthcare 5 minutes
Recovery and Business Continuity after an Attack 6 minutes
Simulated Ransomware Recovery Walkthrough 7 minutes
HIPAA Breach Notification Requirements 7 minutes
Legal & Ethical Considerations in Breach Reporting 6 minutes
Case Study of a Major Healthcare Breach 6 minutes

2 lecturesTotal 10 minutes

HHS Breach Notification Rule 5 minutes
New 2025 HIPAA Regulations: Key Changes & How To Stay Ahead5 minutes

1 devoirTotal 20 minutes

Incident Response & Breach Management20 minutes

1 évaluation par les pairsTotal 20 minutes

Hands-On-Learning: Incident Response Tabletop Exercise20 minutes

1 sujet de discussionTotal 10 minutes

Learning from High-Profile Breaches 10 minutes

In this wrap-up module, you’ll put all your learning into action through a hands-on healthcare security simulation. You’ll assess risks, review a vendor profile, draft an incident response plan, and determine HIPAA breach notification steps. By completing practical artifacts like a risk register and IR outline, you’ll finish the course with real-world skills you can apply immediately in healthcare cybersecurity.

Inclus

1 vidéo1 évaluation par les pairs

Instructeurs

Joy Ardanaz

Starweaver

1 Cours1 apprenant

Starweaver

517 Cours935 280 apprenants

Offert par

Starweaver

Pour quelles raisons les étudiants sur Coursera nous choisissent-ils pour leur carrière ?

Felipe M.

Étudiant(e) depuis 2018

’Pouvoir suivre des cours à mon rythme à été une expérience extraordinaire. Je peux apprendre chaque fois que mon emploi du temps me le permet et en fonction de mon humeur.’

Jennifer J.

Étudiant(e) depuis 2020

’J'ai directement appliqué les concepts et les compétences que j'ai appris de mes cours à un nouveau projet passionnant au travail.’

Larry W.

Étudiant(e) depuis 2021

’Lorsque j'ai besoin de cours sur des sujets que mon université ne propose pas, Coursera est l'un des meilleurs endroits où se rendre.’

Chaitanya A.

’Apprendre, ce n'est pas seulement s'améliorer dans son travail : c'est bien plus que cela. Coursera me permet d'apprendre sans limites.’

Ouvrez de nouvelles portes avec Coursera Plus

Accès illimité à 10,000+ cours de niveau international, projets pratiques et programmes de certification prêts à l'emploi - tous inclus dans votre abonnement.

Faites progresser votre carrière avec un diplôme en ligne

Obtenez un diplôme auprès d’universités de renommée mondiale - 100 % en ligne

Découvrir les diplômes

Rejoignez plus de 3 400 entreprises mondiales qui ont choisi Coursera pour les affaires

Améliorez les compétences de vos employés pour exceller dans l’économie numérique

Foire Aux Questions

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.