Consulting Opportunities In Healthcare Security

egrizzly · December 2019

Hello all,

I thought to inquire if any of you know about consulting opportunities in Healthcare Security. These are opportunities related to the HCISPP certification. If you know of where, how, or who can provide information for getting into healthcare security consulting you have my gratitude in advance for sharing your info.

beads · December 2019

I have held the HCISPP since inception and maybe had one "hit" so to say on the certification. Took the exam because of my heavily background in healthcare security. As a consultant and now FTE in a healthcare organization the cert still doesn't get much notice in or outside of work.

Sorry to be a drag but the most traffic I do get has been "what do I study for the HCISPP?" questions.

egrizzly · December 2019

beads said:

I have held the HCISPP since inception and maybe had one "hit" so to say on the certification. Took the exam because of my heavily background in healthcare security. As a consultant and now FTE in a healthcare organization the cert still doesn't get much notice in or outside of work.

Sorry to be a drag but the most traffic I do get has been "what do I study for the HCISPP?" questions.

What does your consulting role consist of and how did you get clients if I might ask?

bigdogz · December 2019

I have not seen any ROI for this certification either. As a consultant I have not seen any request for anyone to have this certification.

beads · December 2019

In real life I am a known healthcare security and HIPAA expert. How I got here was by helping to build the first electronic HRIS system back in the 1990s. Think heavy employee benefits orientated (health, dental, vision, payroll, etc.) delivered on line. Back then this was leap years ahead of the game. Today its something you take for granted as a new hire. New and returning clients generally come to me or I let the powers that be (Managers and internal recruiters) know that I have some availability 90-100 days out. Reputation is key for a consultant.

The biggest drag on the healthcare market is that anything GRC has a low bar to entry making it extremely attractive to new grads and entrants. If it looks "easy", the new entrant will look at the field like a veteran of the field. I see far too many eager souls in way over their heads with this field but they do work cheaply so I let them be. OK I will basically ignore them as much a business will allow so I can concentrate on my work as well but when has that ever changed in any field.

So most of my work has been consulting for Blue Cross/Blue Shields, hospitals, ICDN language providers and the like. Today I work for one of the mega-pharmacies breaking controls and doing redesigns in the cloud. I'd say little over 20 plus years of healthcare under my belt and working with HIPAA since 1996 makes me an expert in the field, yeah.

Understand this board is now a PR and advertisement for a training company that I do not wish to offend by the following statement nevertheless still true.

Much like the CISSP concentrations, ISSAP, ISSEP and ISSMP the HCISPP had all the right intentions for a cert but the market never saw much value and moved along without much fanfare. I've meet one other person with the HCISPP and that was at one of the question writing workshops a couple years ago. Best way to knock out 20 or 21 CEUs, by the way. Not to mention I had a blast doing the workshop in the first place.

Hope that helps.

egrizzly · December 2019

beads said:

In real life I am a known healthcare security and HIPAA expert. How I got here was by helping to build the first electronic HRIS system back in the 1990s. Think heavy employee benefits orientated (health, dental, vision, payroll, etc.) delivered on line. Back then this was leap years ahead of the game. Today its something you take for granted as a new hire. New and returning clients generally come to me or I let the powers that be (Managers and internal recruiters) know that I have some availability 90-100 days out. Reputation is key for a consultant.

The biggest drag on the healthcare market is that anything GRC has a low bar to entry making it extremely attractive to new grads and entrants. If it looks "easy", the new entrant will look at the field like a veteran of the field. I see far too many eager souls in way over their heads with this field but they do work cheaply so I let them be. OK I will basically ignore them as much a business will allow so I can concentrate on my work as well but when has that ever changed in any field.

So most of my work has been consulting for Blue Cross/Blue Shields, hospitals, ICDN language providers and the like. Today I work for one of the mega-pharmacies breaking controls and doing redesigns in the cloud. I'd say little over 20 plus years of healthcare under my belt and working with HIPAA since 1996 makes me an expert in the field, yeah.

Understand this board is now a PR and advertisement for a training company that I do not wish to offend by the following statement nevertheless still true.

Much like the CISSP concentrations, ISSAP, ISSEP and ISSMP the HCISPP had all the right intentions for a cert but the market never saw much value and moved along without much fanfare. I've meet one other person with the HCISPP and that was at one of the question writing workshops a couple years ago. Best way to knock out 20 or 21 CEUs, by the way. Not to mention I had a blast doing the workshop in the first place.

Hope that helps.

This is good info. Thanks for the much needed insight Beads.

Consulting Opportunities In Healthcare Security

Comments