Blog
HCISPP Spotlight: Ramana Krothapalli
Name: Ramana Krothapalli
Title: Consultant – Information Security & GRC
Employer: Self-Employed
Location: Hyderabad, India
Education: M.Sc., PGDCA
Years in IT: 7
Years in cybersecurity and/or privacy: 17
Cybersecurity certifications: CISSP, HCISSP, CISA, CISM, ISO 27001 LA
How did you decide upon a career in healthcare security and/or privacy?
It’s rather a chance than a choice. As the chief information security officer (CISO) of a software development firm, I was tasked to implement information security and privacy in multiple healthcare development projects. I am happy that I could contribute to security of healthcare.
Why did you decide to pursue your HCISPP ?
Apart from learning and educating myself about privacy concepts, I wanted to acquire a global certification in privacy, specific to the healthcare industry, to improve my credibility among the stakeholders – management, project teams and clients. After researching various privacy certifications, I chose to pursue the HCISPP given the quality and reputation of (ISC)² certifications across the globe and completed the certification in 2015. I was pleasantly surprised and elated when one of my professional colleagues congratulated me on becoming the first HCISPP from India.
What is your main role in your organization?
When I completed the HCISPP certification, my main role was to sensitize senior management about security and privacy risks in healthcare projects, train project teams, implement security & privacy requirements in healthcare development projects. In my current profession as a consultant, my main role is to provide advisory services in information security and privacy to clients.
Tell us about a project that you were particularly proud of –
I take pride in my contribution to all the projects I am involved in. However, the most satisfying project was during my role as CISO for the software development firm. We conducted an awareness session to the entire project team during the inception phase. We highlighted the security and privacy requirements based on HIPAA and HITECH, which were mandated by contractual obligations. It took a series of meetings and additional awareness sessions to iron out the disagreements and resistance from members. Finally, the project was successfully delivered with appreciations from the client.
What impact has the HCISPP had on your career?
The HCISPP certification has enhanced my credibility as a security and privacy professional in the industry and created opportunities for me in the healthcare sector.
What advice would you give to those aspiring to get their HCISPP?
First, I would congratulate them on their decision to pursue the HCISPP. There are tremendous opportunities in healthcare information security and privacy which can be tapped into by acquiring the HCISPP credential. As for common query regarding study material, there are numerous options available that would immensely help in the preparation towards the HCISSP certification. Some of the options include: The Ultimate Guide to the HCISPP, NIST SP 800 series of standards and acts/regulations such as HIPAA, HITECH, HITRUST and GDPR.
For more information about the (ISC)² Healthcare Information Security and Privacy Practitioner certification, download the Ultimate Guide to the HCISPP .