Healthcare Data Security & Risk Management

只需 199 美元（原价 399 美元）即可通过 Coursera Plus 学习更高水平的技能。立即节省

Healthcare Data Security & Risk Management

位教师：Joy Ardanaz

包含在中

了解更多

6个模块

深入了解一个主题并学习基础知识。

高级设置等级

面向相关领域的从业人员而设计

9 小时完成

灵活的计划

自行安排学习进度

6个模块

深入了解一个主题并学习基础知识。

高级设置等级

面向相关领域的从业人员而设计

9 小时完成

灵活的计划

自行安排学习进度

您将学到什么

Analyze healthcare data protection requirements and evaluate compliance strategies.
Evaluate healthcare cybersecurity threats and design effective security controls.
Apply risk assessment methodologies to healthcare IT environments and develop comprehensive risk management plans.
Create and evaluate incident response and breach management strategies for healthcare organizations.

要了解的详细信息

可分享的证书

添加到您的领英档案

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

该课程共有6个模块

In today’s digital healthcare ecosystem, patient data represents both an invaluable asset for advancing care and a prime target for malicious actors. Electronic health records (EHRs), connected medical devices, telemedicine platforms, artificial intelligence tools, and third-party vendor relationships all contribute to an increasingly complex risk environment. This course, “Healthcare Data Security & Risk Management,” introduces and equips healthcare IT professionals, compliance officers, risk managers, and healthcare administrators with the knowledge and skills to analyze, evaluate, and strengthen their organization’s data protection and risk management strategies.

Over the span of four hours, learners will explore the regulatory, technical, and operational dimensions of safeguarding protected health information (PHI) and electronic PHI (ePHI). The course is designed at an advanced level, demanding higher-order thinking—learners will analyze, evaluate, and create strategies to manage health data in real-world, high-risk scenarios. The course begins with a strong foundation in healthcare data protection fundamentals, including HIPAA Security Rule requirements, data classification, lifecycle management, and the principle of minimum necessary use. This grounding ensures all learners can critically evaluate compliance obligations and data governance structures. This course is designed for healthcare IT professionals, compliance officers, cybersecurity analysts, risk managers, healthcare administrators, and professionals transitioning into healthcare security roles. If you’re responsible for protecting patient data or managing regulatory risk, this course equips you with the frameworks and tools you need. Learners should have basic knowledge of healthcare IT systems and a general understanding of regulatory compliance. Familiarity with cybersecurity concepts is helpful but not required; the course provides the context needed to apply security principles effectively in healthcare environments. By the end of the course, learners will not only understand compliance requirements and risks, but also synthesize knowledge into practical policies, risk management frameworks, and incident response strategies tailored to their organizations. The course’s blend of conceptual videos, demonstrations, assigned readings, discussions, and hands-on lab activities ensures an engaging and applied learning experience.

In this course, you’ll learn how to protect sensitive patient data across modern healthcare systems using clear, practical methods. You’ll break down regulatory requirements, analyze real attack scenarios, and apply hands-on techniques to secure EHRs, medical devices, telemedicine platforms, and cloud-based environments. Through step-by-step labs and case studies, you’ll assess threats, build risk-management plans, and practice incident response approaches grounded in HIPAA and industry frameworks. By the end, you’ll be able to strengthen your organization’s security posture, manage healthcare risks with confidence, and respond effectively to breaches in today’s high-risk healthcare landscape.

涵盖的内容

1个视频1篇阅读材料

In this module, you’ll learn how healthcare data is classified, governed, and protected under strict regulations like HIPAA. We’ll explore why PHI and ePHI are prime targets, how the Security and Privacy Rules shape daily operations, and what “minimum necessary” looks like in real workflows. You’ll also walk through data lifecycle management, social engineering risks, and practical ways to build stronger organizational vigilance. By the end, you’ll understand the core compliance and governance principles that anchor every effective healthcare security strategy.

涵盖的内容

10个视频2篇阅读材料1个作业1次同伴评审1个讨论话题

10个视频总计69分钟

Module Introduction 1分钟
The Value of PHI/ePHI on the Black Market 7分钟
Common Attack Vectors in Healthcare 9分钟
Real-World Data Breach Case Analysis 9分钟
HIPAA Security Rule and Privacy Rule Primer 7分钟
Minimum Necessary Standard & Data Lifecycle Management 6分钟
Mapping Data Flows for Compliance 6分钟
Phishing, Smishing, and Pretexting in Healthcare 7分钟
Phishing Simulation Demo 7分钟
Building a Culture of Vigilance 6分钟

2篇阅读材料总计10分钟

HIPAA Security Rule Summary (HHS) 5分钟
NIST SP 800-66 HIPAA Implementation Guide 5分钟

1个作业总计20分钟

Foundations of Healthcare Data Protection20分钟

1次同伴评审总计20分钟

Hands-On-Learning: Data Classification Activity 20分钟

1个讨论话题总计10分钟

Evaluating Phishing Awareness Programs 10分钟

In this module, you’ll examine the evolving threats that put healthcare organizations at constant risk. We’ll dig into ransomware, insider threats, IoMT vulnerabilities, and the emerging dangers tied to AI-driven systems—showing how attackers exploit clinical and operational environments. You’ll also explore essential security controls like MFA, least privilege, segmentation, and Zero Trust, all applied in healthcare-specific scenarios. By the end, you’ll be able to evaluate threats clearly and design practical defenses that balance cybersecurity with patient safety.

涵盖的内容

10个视频2篇阅读材料1个作业1次同伴评审1个讨论话题

10个视频总计61分钟

Module Introduction 1分钟
The Evolution of Ransomware in Healthcare 5分钟
Insider Threats and Malicious Insiders 6分钟
Analyzing Ransomware Indicators of Compromise 5分钟
IoMT Device Vulnerabilities & FDA Guidance 6分钟
AI & Emerging Threats to Healthcare Systems 7分钟
Simulating a Medical Device Attack Scenario 6分钟
Multi-Factor Authentication & Least Privilege 7分钟
Network Segmentation & Zero Trust in Healthcare 7分钟
Combatting MFA Fatigue: Why Healthcare Workers are Prime Targets 6分钟

2篇阅读材料总计10分钟

HIMSS Cybersecurity Survey Report 5分钟
FDA Medical Device Cybersecurity Guidance 5分钟

1个作业总计20分钟

Healthcare Cybersecurity Threat Landscape20分钟

1次同伴评审总计20分钟

Hands-On-Learning: Threat Detection Activity20分钟

1个讨论话题总计10分钟

Balancing Patient Safety and Cybersecurity10分钟

In this module, you’ll learn how to assess and manage cyber risks using frameworks such as NIST CSF, HITRUST, and ISO 27001. We’ll walk through how to build risk matrices, evaluate vulnerabilities, and analyze vendor and third-party exposures that can compromise healthcare systems. You’ll also explore methods for continuous monitoring, from KPIs and KRIs to dashboards that support executive decision-making. By the end, you’ll be able to develop structured, defensible risk management plans tailored to healthcare environments.

涵盖的内容

10个视频2篇阅读材料1个作业1次同伴评审1个讨论话题

10个视频总计78分钟

Module Introduction 2分钟
Comparing NIST CSF, HITRUST, and ISO 27001 7分钟
Applying Frameworks in Healthcare Environments 7分钟
Building a Simple Risk Assessment Matrix 8分钟
Supply Chain Attacks in Healthcare 6分钟
Best Practices for Vendor Risk Assessment 7分钟
Using a Vendor Risk Questionnaire Tool 11分钟
The Role of KPIs & KRIs in Healthcare Cyber Risk 6分钟
Cyber Risk Dashboards for Executives 6分钟
Configuring a Basic Risk Monitoring Dashboard 13分钟

2篇阅读材料总计10分钟

NIST Cybersecurity Framework 5分钟
HITRUST Assessment Handbook 5分钟

1个作业总计20分钟

Risk Assessment & Risk Management in Healthcare20分钟

1次同伴评审总计20分钟

Hands-On-Learning: Risk Register & Risk Assessment Matrix20分钟

1个讨论话题总计5分钟

Continuous vs. Periodic Risk Assessments 5分钟

In this module, you’ll learn how healthcare organizations prepare for, detect, and respond to cyber incidents and data breaches. We’ll break down the components of an IR plan, explore digital forensics techniques, and walk through recovery strategies that minimize downtime without compromising patient care. You’ll also examine HIPAA breach notification rules, legal considerations, and real-world case studies that show how breaches unfold. By the end, you’ll be able to design and evaluate incident response and breach management plans that meet regulatory expectations and protect patient trust.

涵盖的内容

10个视频2篇阅读材料1个作业1次同伴评审1个讨论话题

10个视频总计63分钟

Module Introduction 1分钟
Core Components of Incident Response in Healthcare 5分钟
Roles & Responsibilities in IR Teams 7分钟
Drafting an IR Plan in a Sample Template 10分钟
Best Practices in Digital Forensics for Healthcare 5分钟
Recovery and Business Continuity after an Attack 6分钟
Simulated Ransomware Recovery Walkthrough 7分钟
HIPAA Breach Notification Requirements 7分钟
Legal & Ethical Considerations in Breach Reporting 6分钟
Case Study of a Major Healthcare Breach 6分钟

2篇阅读材料总计10分钟

HHS Breach Notification Rule 5分钟
New 2025 HIPAA Regulations: Key Changes & How To Stay Ahead5分钟

1个作业总计20分钟

Incident Response & Breach Management20分钟

1次同伴评审总计20分钟

Hands-On-Learning: Incident Response Tabletop Exercise20分钟

1个讨论话题总计10分钟

Learning from High-Profile Breaches 10分钟

In this wrap-up module, you’ll put all your learning into action through a hands-on healthcare security simulation. You’ll assess risks, review a vendor profile, draft an incident response plan, and determine HIPAA breach notification steps. By completing practical artifacts like a risk register and IR outline, you’ll finish the course with real-world skills you can apply immediately in healthcare cybersecurity.

涵盖的内容

1个视频1次同伴评审

位教师

Joy Ardanaz

Starweaver

1 门课程1 名学生

Starweaver

517 门课程935,280 名学生

提供方

Starweaver

人们为什么选择 Coursera 来帮助自己实现职业发展

Felipe M.

自 2018开始学习的学生

''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情，我就可以学习。'

Jennifer J.

自 2020开始学习的学生

''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'

Larry W.

自 2021开始学习的学生

''如果我的大学不提供我需要的主题课程，Coursera 便是最好的去处之一。'

Chaitanya A.

''学习不仅仅是在工作中做的更好：它远不止于此。Coursera 让我无限制地学习。'

通过 Coursera Plus 开启新生涯

无限制访问 10,000+ 世界一流的课程、实践项目和就业就绪证书课程 - 所有这些都包含在您的订阅中

了解更多

通过在线学位推动您的职业生涯

获取世界一流大学的学位 - 100% 在线

探索学位

加入超过 3400 家选择 Coursera for Business 的全球公司

提升员工的技能，使其在数字经济中脱颖而出

了解更多

常见问题

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.