homepage
Open menu

SEC474: Building A Healthcare Security & Compliance Program

Register Now Course Demo
  • Online
12 CPEs

There are three huge reasons why SEC474: Building a Healthcare Security and Compliance Program is important to all healthcare organizations. First, the problem of healthcare security is big and only getting bigger. Adversaries are becoming more sophisticated in their approach and more focused on healthcare because of the value of the sector's data. Healthcare organizations of all sizes and types are concerned that the lack of properly trained security professionals is resulting in IT systems that are insecure and that they may be out of compliance and face steep fines. Second, fines under the Health Insurance Portability and Accountability Act (HIPAA) are only getting bigger. Recent years have seen many million-dollar+ fines levied against healthcare organizations for not being "HIPAA Compliant." Recent trends show that this situation is getting worse, not better. Third, HIPAA compliance regulations don't actually tell you how to attain "HIPAA Compliance." With absent specific guidance, organizations are left to figure out these challenges on their own. This course has been designed to help organizations with concrete guidance to build a secure and compliant environment.

Course Authors:
Aaron Cure
Aaron Cure
Certified Instructor
DJ McArthur
DJ McArthur
Doc Blackburn
Doc Blackburn
Principal Instructor
What You Will LearnSyllabusPrerequisitesLaptop RequirementsAuthor StatementTraining & Pricing

What You Will Learn

Leveraging the HIPAA Security Rule for Better Cybersecurity

One of the challenges organizations face in complying with the Health Insurance Portability and Accountability Act (HIPAA) is that the act's regulatory and privacy standards are not prescriptive enough to help organizations successfully build an effective security and compliance program. Audit and assessment engagements with government agencies such as the Office of Civil Rights (OCR) and with state attorney generals during and after reportable data breaches or privacy-related security incidents can be overwhelming for organizations to navigate without previous knowledge or experience.

"I have peers who understand security strategies, but not as much about HIPAA and vice versa. I have already recommended this course to a peer who is more experienced on the HIPAA side and could gain so much on hearing about the technical controls and administrative processes to address those." -Cheryl Hearne, Conway Regional Health Systems

To address tight budget restrictions, many healthcare organizations promote security and compliance team members from within the organization in order to cultivate and retain talent internally. These professionals have a wide range of experience and skill sets. The SANS SEC474 course can help organizations level-set and prepare healthcare compliance and security by sharing first-hand knowledge and experiences.

The goal of this course is to show that HIPAA compliance in itself is neither an antidote nor a cure for the shortcoming of an organization's healthcare security. The ultimate goal is to develop, maintain, and demonstrate a secure environment for the organization by implementing repeatable processes based on industry best practices. When that is achieved, evidence of HIPAA compliance is a result of those efforts.

Healthcare organizations in the United States face two major challenges: first, to properly secure the organization from tactical risk, and second, to achieve compliance with the array of government regulations known as HIPAA. This course will help students develop the skills to make measurable improvements to the overall security posture of their organization's IT infrastructure while also building and maintaining a compliance program. Using the safeguards of the HIPAA Security Rule along with the NIST Framework 800-66 to identify and assess risk, students will learn how to report progress on their compliance activities and their security value in support of the organization's mission.

Students will gain skills and knowledge in SEC474 that they will be able to use on their first day back at work. Students will leave the classroom knowing what it takes to establish and nurture a culture of compliance where both compliance and business objectives are promoted as a singular goal. They will be able not only to assess compliance, but also to measure the maturity and effectiveness of compliance activities.

You Will Be Able To

  • Tackle the challenges at hand - many HIPAA compliance regulations run counter to business objectives, so we will explore why this is and how to overcome the issue.
  • Interpret the Security Rule text in-depth, including an analysis of every line item of the regulation and what it means to your organization.
  • Draft sound policy that supports business as well as compliance objectives.
  • Perform a risk assessment, enumerate threat data, analyze vulnerabilities, and select proper safeguards to lower risk.
  • Define the value of the compliance program for the organization.
  • Create a culture of compliance.
  • Establish lines of communication and reporting channels.
  • Understand the value of internal monitoring and auditing by learning the key components of a continuous monitoring reporting and improvement program.
  • Promote a culture of compliance.

This Course Will Prepare You To

  • Take steps to meet compliance standards, particularly those of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Protect your healthcare organization from cyber-threats, unintended data disclosures, and mishandling of data in the enterprise
  • Understand the most prevalent security concerns specifically around the healthcare industry such as data disclosures, ransomware, unauthorized access and modification, incident response, and business continuity planning
  • Apply the HIPAA Security Rule in practice
  • Build an organizational security plan
  • Understand the job roles in a compliance program

Hands-On Labs

The hands-on labs will teach you practical actions to protect a healthcare-based environment. The labs draw on real-world examples. Each lab has step-by-step instructions that enable you to learn new skills or become even more knowledgeable and skilled with the cybersecurity techniques and procedures you already know.

  1. Lab Install: Initial download and installation of lab VM where the referenced software and data reside, ensuring students have the core resources needed to complete the remainder of the labs.
  2. Rules of the Road: Use raw field data from a site assessment walk-through and enter results into an assessor in order to ensure that students are comfortable with navigating both the assessor and ticketing provided in lab software, and then enter data into the most appropriate sections.
  3. Identifying Vulnerabilities and Threats: Analyze and prioritize vulnerabilities in ticketing systems referencing organizational policies and procedures in order to ensure that students are comfortable with navigating the policy manager software provided in the lab VM.
  4. Mapping and Scoring Assessment Maturity Ratings: Analyze assessment report results and enter the appropriate maturity scale (1-4) based on the evidence provided in order to ensure that students are familiar with the rating and scoring process within the assessor software.
  5. Safeguards and Storage: Review ticket requests and security incidents common in the healthcare industry and make appropriate decisions based on the evidence and information obtained from key departments outside of security. This lab requires student to use critical thinking based on a number of key factors.
  6. Measuring Response Effectiveness: Analyze a recent Ryuk Ransomware security incident report to measure response effectiveness as it relates to current trends in cybersecurity and specifically the healthcare industry. Using the Mitre ATT&CK framework, students will also have an added bonus challenge to unmask the suspected threat group responsible for the attack!
  7. Finalizing a Telecommute Policy: Review a drafted telecommute policy that is missing key security and compliance elements. Students will need to address common challenges faced during the COVID-19 pandemic, enabling remote workers to securely continue operations from home.
  8. Business Impact Analysis (BIA) for Telehealth Services: Analyze and review a BIA for telehealth services that has been recently updated. Students will respond to an email form the IT Director on overall business impact and recovery time objective score information that is derived from the BIA.
  9. Initial Assessment for Telehealth Services: Review and assess three software\hardware platforms to use telehealth services and engage with patients remotely. Students will assess the security controls of each solution proposed and list pros and risks associated with the individual platforms. Then they'll make recommendations on which telehealth platform should be selected with supporting reasoning and taking into consideration the recent guidelines issued by the U.S. Department of Health and Human Services (HHS) during the pandemic.
  10. Reporting to Management: Review and complete missing sections of the annual Information Security Report to the executive board by looking up tickets within the ticketing system and contacting key individuals by email to obtain additional information and context to provide to the CIO for an upcoming board meeting. Students will take elements and data points gathered from previous labs to enter in final updates.

What You Will Receive

  • Physical and digital workbooks
  • Virtual Machine tailored to the course
  • HIPAA-Based Risk Assessment Tool

Additional Resources

Syllabus (12 CPEs)

Download PDF
  • Overview

    This course section introduces the student to the HIPAA regulations and how they support, and occasionally conflict with, organizational goals of patient care and privacy. The student will learn the fundamentals of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), HITECH, and the Omnibus Rule.

    This course focuses on effectiveness and maturity by exploring the following key questions:

    • Is there written documentation?
    • Is there a process in place?
    • Is the process automated or manual?
    • Can effectiveness be demonstrated with metrics?

    We will also explore strategies to align with healthcare objectives and focus on the effectiveness and maturity of security activities. Students will learn the importance of physical security in safeguarding electronic protected health information (ePHI). The section concludes with a discussion on defining the value of the compliance program to align with business needs.

    Exercises
    • Rules of the Road: Using raw field data from a site assessment walk-through and entering results into an assessor, this exercise ensures that students are comfortable with navigating both the assessor and ticketing provided in lab software and entering data into the most appropriate sections.
    • Identifying Vulnerabilities and Threats: This exercise involves analyzing and prioritizing vulnerabilities in ticketing systems and referencing organizational policies and procedures. The aim is to ensure that students are comfortable with navigating the policy manager software provided in the lab virtual machine.
    • Mapping and Scoring Assessment Maturity Ratings: Analyzing assessment report results and enter the appropriate maturity scale (1-4) based on the evidence provided. The aim is to ensure that students are familiar with the rating and scoring process within the assessor software.
    • Safeguards and Storage: This exercise involves reviewing ticket requests and security incidents common in the healthcare industry and making appropriate decisions based on the evidence and information obtained from key departments outside of security. These skills require students to use critical thinking based on a number of key factors.
    • Measuring Response Effectiveness: In this exercise, students will analyze a recent Ryuk Ransomware security incident report to measure response effectiveness as it relates to current trends in cybersecurity and specifically the healthcare industry. Using the Mitre ATT&CK framework, students will also have an added bonus challenge to unmask the suspected threat group responsible for the attack!
    Topics
    • Understanding the Challenge
      • Healthcare is one of the most vulnerable and attacked industries
      • e-PHI has value to the organization and the adversary
      • HIPAA is something you must do - it's the law
      • The organization may not see the value.
      • HIPAA does not always align with healthcare objectives
    • HIPAA, HITECH, and the Omnibus Rule: An Exploration of the Laws and Regulations that Affect Covered Entities
    • Applying the HIPAA Security Rule Using the NIST Cybersecurity Framework Security Objectives to:
      • Identify
      • Protect
      • Detect
      • Respond
      • Recover
    • Exploring the Security Rule Safeguards and How to Apply Them in a Healthcare Setting
      • Administrative safeguards
      • Physical safeguards
      • Technical safeguards
    • Risk Analysis
      • CIA triad
      • Least privilege and separation of duties
      • IAAA
      • Prevent/Detect/Corrective action (response)
      • Due care
    • Types of Attacks
    • Other Frameworks
      • NIST
      • CIS Critical Security Controls
      • HITRUST
      • GDPR
      • ISO
    • Physical Security
      • Contingency operations
      • Facility security plan
      • Access control
      • Maintenance records
      • Workstation security
      • Device and media controls
      • Data backup
    • Define the Value of Your Compliance Program
      • Security axioms
      • Security vs. compliance
      • Supervisory safeguards
      • Assessment vs. audit
  • Overview

    This course section focuses on security and compliance efforts, including identifying key roles, contracts, and other documents. The goal is to teach the student how to design organizational structures with outcomes that ensure compliance. Students will learn the dual roles of culture and policy to ensure that compliance mandates are met. They'll also learn to use written procedures and standards to define management intent, as well as how to use training and awareness to ensure compliance. We'll wrap up the course section by examining the importance of continuous improvement and the measurement of success through continuous monitoring, auditing, and reporting. Students will learn techniques for proper communication of risk to leadership.

    Exercises
    • Finalizing a Telecommute Policy: In this exercise, students will review a drafted telecommute policy that is missing key security and compliance elements. Students will need to address common challenges faced during the COVID-19 pandemic, including how to best enable remote workers to continue operations from home securely.
    • Business Impact Analysis (BIA) for Telehealth Services: This exercise involves analyzing and reviewing a BIA for telehealth services that has been recently updated. Students will respond to an email from the IT Director on overall business impact and recovery time objective score information that is derived from the BIA.
    • Initial Assessment for Telehealth Services: Students will review and assess three software/hardware platforms to use telehealth services and engage with patients remotely. Students will assess the security controls of each solution proposed and list pros and risks associated with the individual platforms. Then they'll make recommendations on which telehealth platform should be selected, with supporting reasoning and taking into consideration the recent guidelines issued by U.S. Department of Health and Human Services during the pandemic.
    • Reporting to Management: In this exercise, students will review and complete missing sections of the annual BHHS Information Security Report to the executive board by looking up tickets within the ticketing system and contacting key individuals by email to obtain additional information and context to provide to the CIO for an upcoming board meeting. Students will take elements and data points gathered from previous labs to enter in final updates.
    Topics
    • Culture and Policy
      • The HIPAA Security Officer
      • The HIPAA Privacy Officer
      • Business Associate Agreements and contracts
      • Data Owners
    • Draft and Disseminate Written Policies
      • Policy vs. Procedure
      • Training and Awareness
      • Compliance Officers
      • Managing access control
      • Incident Response and Contingency Planning
    • Implement Written Procedures and Standards
    • Conduct Internal Monitoring and Auditing
      • Levels of monitoring
      • Audit controls
      • Cloud computing
    • Promote a Culture of Compliance
      • Data Owner assignment
      • Awareness
      • Password management
      • Strong authentication
    • Continuous Monitoring, Reporting, and Improvement
      • Establishing lines of communication
      • Reporting channels
      • Breach reporting
      • Periodic evaluations

Prerequisites

  • Basic knowledge of and experience with HIPAA or healthcare security
  • Knowledge of how to use a Virtual Machine
  • Prior completion of SANS SEC301 or a similar course is helpful but not required

Laptop Requirements

Important! Bring your own system configured according to these instructions!

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.

It is critical that you back-up your system before class. It is also strongly advised that you do not bring a system storing any sensitive data.

Baseline Hardware Requirements

  • CPU: 64-bit Intel i5/i7 2.0+ GHz processor
  • BIOS: Enabled "Intel-VT" virtualization
  • USB: 3.0 Type-A Port
  • RAM: 8GB RAM (4GB min)
  • Hard Drive Free Space: 30 GB Free Space
  • Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run VMware virtualization products described below.

Additional Hardware Requirements

The requirements below are in addition to baseline requirements provided above. Prior to the start of class, you must install virtualization software and meet additional hardware and software requirements as described below. If you do not carefully read and follow these instructions, you will leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course.

Network, Wireless Connection

  • A wireless 802.11 B, G, N or AC network adapter is required.

Additional Software Requirements

  • PDF reader
  • You will need Google Chrome, Adobe Acrobat, or another PDF reader.

VMWare

Download and install either VMware Workstation Pro 15.5.x, VMware Player 15.5.x, or Fusion 11.5.x or higher versions before class. If you do not own a licensed copy of VMware Workstation or Fusion, you can download a free 30-day trial copy from VMware. VMware will send you a time-limited serial number if you register for the trial on its website.

Other virtualization software, such as VirtualBox and Hyper-V, are not appropriate because of compatibility and troubleshooting problems you might encounter during class.

VMware Workstation Pro and VMware Player on Windows 10 is not compatible with Windows 10 Credential Guard and Device Guard technologies. Please disable these capabilities for the class if they're enabled on your system.

Note: Apple systems using the M1 processor cannot perform the necessary virtualization at this time and cannot be used for this course.

Your course media will be delivered via download. The media files for class can be large, some in the 40 to 50 GB range. You need to allow plenty of time for the download to complete. Internet connections and speeds vary greatly and are dependent on many different factors. Therefore, it is not possible to give an estimate of the length of time it will take to download your materials. Please start your course media downloads as soon as you get the link. You will need your course media immediately on the first day of class. Waiting until the night before the class starts to begin your download has a high probability of failure.

SANS has begun providing printed materials in PDF form. Additionally, certain classes are using an electronic workbook in addition to the PDFs. The number of classes using eWorkbooks will grow quickly. In this new environment, we have found that a second monitor and/or a tablet device can be useful by keeping the class materials visible while the instructor is presenting or while you are working on lab exercises.

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.

Author Statement

"Throughout my career in securing healthcare organizations and human subjects research, the question I was asked time and time again was simply, 'Are we HIPAA compliant?' I didn't know how to answer this simple question, and after many years I finally realized why I didn't have a good answer. This wasn't the right question! The problem with HIPAA compliance efforts in most organizations is that their focus is on producing evidence of compliance.

"This focus on evidence to pass a compliance audit has been the wrong approach to HIPAA all along. Neither was this approach the true intent of the regulations to begin with. I wrote this course to help show students the right approach to securing a healthcare organization. When you take the right approach, the evidence your efforts produce is what demonstrates your compliance. In this course, we will explore how to change the question, and then have the right answers." - Doc Blackburn

"As a developer, I spent several years seeing the direct impact of HIPAA audits on my customers. I was often asked for an application or program to help them become compliant, which proved to be an impossible task. This course was designed from the ground up with usable, implementable strategies that you can take back to work and be effective. Concrete examples and labs with direct, hands-on scenarios drive home the concepts discussed in the course and make the abstract ideas of HIPAA compliance clear and understandable." - Aaron Cure

"Having spent over 20 years as a cybersecurity professional, leader, and educator, I have discovered that healthcare is a unique industry with a wide range of disciplines and services to navigate. There are many aspects to consider when it comes to achieving effective security and regulatory compliance controls for healthcare organizations. The course content, examples, and labs in SEC474 are based on real-world healthcare industry experiences. The course is designed to evoke critical thinking from various compliance- and security-related roles that need to engage and communicate with one another to successfully protect the organization. The resources and labs are highly interactive and emulate common challenges and scenarios faced in healthcare." - DJ McArthur

"I would definitely recommend this course. Security is more important in healthcare than almost anywhere else, so learning from 3 experts how to protect such an org is a great general model. Also great HIPAA specific info." - Amir Perlson, BrothersKeep

Ways to Learn

  • OnDemand

Cybersecurity learning – at YOUR pace! OnDemand provides unlimited access to your training wherever, whenever. All labs, exercises, and live support from SANS subject matter experts included.

Who Should Attend SEC474?

  • Healthcare CSO/CIO/CISOs
  • Information Security Managers/Administrators
  • IT Security Analysts/Managers/Directors
  • HIPAA Compliance Officers
  • Compliance Analysts
  • Medical Records Supervisors
  • Compliance Auditors
  • Healthcare Security Consultants
  • IT Managers in Healthcare Organizations

"It is well thought out and designed for anyone to understand." - Johny Metellus, OE

See prerequisites

Related Programs

DoDD 8140
DoDD 8140 (0)
See how this and other SANS Courses and GIAC Certifications align with the Department of Defense Directive 8140.
Africa/Abidjan
Africa/Accra
Africa/Addis Ababa
Africa/Algiers
Africa/Asmara
Africa/Asmera
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar es Salaam
Africa/Djibouti
Africa/Douala
Africa/El Aaiun
Africa/Freetown
Africa/Gaborone
Africa/Harare
Africa/Johannesburg
Africa/Juba
Africa/Kampala
Africa/Khartoum
Africa/Kigali
Africa/Kinshasa
Africa/Lagos
Africa/Libreville
Africa/Lome
Africa/Luanda
Africa/Lubumbashi
Africa/Lusaka
Africa/Malabo
Africa/Maputo
Africa/Maseru
Africa/Mbabane
Africa/Mogadishu
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Niamey
Africa/Nouakchott
Africa/Ouagadougou
Africa/Porto-Novo
Africa/Sao Tome
Africa/Timbuktu
Africa/Tripoli
Africa/Tunis
Africa/Windhoek
America/Adak
America/Anchorage
America/Anguilla
America/Antigua
America/Araguaina
America/Argentina/Buenos Aires
America/Argentina/Catamarca
America/Argentina/ComodRivadavia
America/Argentina/Cordoba
America/Argentina/Jujuy
America/Argentina/La Rioja
America/Argentina/Mendoza
America/Argentina/Rio Gallegos
America/Argentina/Salta
America/Argentina/San Juan
America/Argentina/San Luis
America/Argentina/Tucuman
America/Argentina/Ushuaia
America/Aruba
America/Asuncion
America/Atikokan
America/Atka
America/Bahia
America/Bahia Banderas
America/Barbados
America/Belem
America/Belize
America/Blanc-Sablon
America/Boa Vista
America/Bogota
America/Boise
America/Buenos Aires
America/Cambridge Bay
America/Campo Grande
America/Cancun
America/Caracas
America/Catamarca
America/Cayenne
America/Cayman
America/Chicago
America/Chihuahua
America/Coral Harbour
America/Cordoba
America/Costa Rica
America/Creston
America/Cuiaba
America/Curacao
America/Danmarkshavn
America/Dawson
America/Dawson Creek
America/Denver
America/Detroit
America/Dominica
America/Edmonton
America/Eirunepe
America/El Salvador
America/Ensenada
America/Fort Nelson
America/Fort Wayne
America/Fortaleza
America/Glace Bay
America/Godthab
America/Goose Bay
America/Grand Turk
America/Grenada
America/Guadeloupe
America/Guatemala
America/Guayaquil
America/Guyana
America/Halifax
America/Havana
America/Hermosillo
America/Indiana/Indianapolis
America/Indiana/Knox
America/Indiana/Marengo
America/Indiana/Petersburg
America/Indiana/Tell City
America/Indiana/Vevay
America/Indiana/Vincennes
America/Indiana/Winamac
America/Indianapolis
America/Inuvik
America/Iqaluit
America/Jamaica
America/Jujuy
America/Juneau
America/Kentucky/Louisville
America/Kentucky/Monticello
America/Knox IN
America/Kralendijk
America/La Paz
America/Lima
America/Los Angeles
America/Louisville
America/Lower Princes
America/Maceio
America/Managua
America/Manaus
America/Marigot
America/Martinique
America/Matamoros
America/Mazatlan
America/Mendoza
America/Menominee
America/Merida
America/Metlakatla
America/Mexico City
America/Miquelon
America/Moncton
America/Monterrey
America/Montevideo
America/Montreal
America/Montserrat
America/Nassau
America/New York
America/Nipigon
America/Nome
America/Noronha
America/North Dakota/Beulah
America/North Dakota/Center
America/North Dakota/New Salem
America/Nuuk
America/Ojinaga
America/Panama
America/Pangnirtung
America/Paramaribo
America/Phoenix
America/Port-au-Prince
America/Port of Spain
America/Porto Acre
America/Porto Velho
America/Puerto Rico
America/Punta Arenas
America/Rainy River
America/Rankin Inlet
America/Recife
America/Regina
America/Resolute
America/Rio Branco
America/Rosario
America/Santa Isabel
America/Santarem
America/Santiago
America/Santo Domingo
America/Sao Paulo
America/Scoresbysund
America/Shiprock
America/Sitka
America/St Barthelemy
America/St Johns
America/St Kitts
America/St Lucia
America/St Thomas
America/St Vincent
America/Swift Current
America/Tegucigalpa
America/Thule
America/Thunder Bay
America/Tijuana
America/Toronto
America/Tortola
America/Vancouver
America/Virgin
America/Whitehorse
America/Winnipeg
America/Yakutat
America/Yellowknife
Antarctica/Casey
Antarctica/Davis
Antarctica/DumontDUrville
Antarctica/Macquarie
Antarctica/Mawson
Antarctica/McMurdo
Antarctica/Palmer
Antarctica/Rothera
Antarctica/South Pole
Antarctica/Syowa
Antarctica/Troll
Antarctica/Vostok
Arctic/Longyearbyen
Asia/Aden
Asia/Almaty
Asia/Amman
Asia/Anadyr
Asia/Aqtau
Asia/Aqtobe
Asia/Ashgabat
Asia/Ashkhabad
Asia/Atyrau
Asia/Baghdad
Asia/Bahrain
Asia/Baku
Asia/Bangkok
Asia/Barnaul
Asia/Beirut
Asia/Bishkek
Asia/Brunei
Asia/Calcutta
Asia/Chita
Asia/Choibalsan
Asia/Chongqing
Asia/Chungking
Asia/Colombo
Asia/Dacca
Asia/Damascus
Asia/Dhaka
Asia/Dili
Asia/Dubai
Asia/Dushanbe
Asia/Famagusta
Asia/Gaza
Asia/Harbin
Asia/Hebron
Asia/Ho Chi Minh
Asia/Hong Kong
Asia/Hovd
Asia/Irkutsk
Asia/Istanbul
Asia/Jakarta
Asia/Jayapura
Asia/Jerusalem
Asia/Kabul
Asia/Kamchatka
Asia/Karachi
Asia/Kashgar
Asia/Kathmandu
Asia/Katmandu
Asia/Khandyga
Asia/Kolkata
Asia/Krasnoyarsk
Asia/Kuala Lumpur
Asia/Kuching
Asia/Kuwait
Asia/Macao
Asia/Macau
Asia/Magadan
Asia/Makassar
Asia/Manila
Asia/Muscat
Asia/Nicosia
Asia/Novokuznetsk
Asia/Novosibirsk
Asia/Omsk
Asia/Oral
Asia/Phnom Penh
Asia/Pontianak
Asia/Pyongyang
Asia/Qatar
Asia/Qostanay
Asia/Qyzylorda
Asia/Rangoon
Asia/Riyadh
Asia/Saigon
Asia/Sakhalin
Asia/Samarkand
Asia/Seoul
Asia/Shanghai
Asia/Singapore
Asia/Srednekolymsk
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
Asia/Tel Aviv
Asia/Thimbu
Asia/Thimphu
Asia/Tokyo
Asia/Tomsk
Asia/Ujung Pandang
Asia/Ulaanbaatar
Asia/Ulan Bator
Asia/Urumqi
Asia/Ust-Nera
Asia/Vientiane
Asia/Vladivostok
Asia/Yakutsk
Asia/Yangon
Asia/Yekaterinburg
Asia/Yerevan
Atlantic/Azores
Atlantic/Bermuda
Atlantic/Canary
Atlantic/Cape Verde
Atlantic/Faeroe
Atlantic/Faroe
Atlantic/Jan Mayen
Atlantic/Madeira
Atlantic/Reykjavik
Atlantic/South Georgia
Atlantic/St Helena
Atlantic/Stanley
Australia/ACT
Australia/Adelaide
Australia/Brisbane
Australia/Broken Hill
Australia/Canberra
Australia/Currie
Australia/Darwin
Australia/Eucla
Australia/Hobart
Australia/LHI
Australia/Lindeman
Australia/Lord Howe
Australia/Melbourne
Australia/NSW
Australia/North
Australia/Perth
Australia/Queensland
Australia/South
Australia/Sydney
Australia/Tasmania
Australia/Victoria
Australia/West
Australia/Yancowinna
Brazil/Acre
Brazil/DeNoronha
Brazil/East
Brazil/West
CET
CST6CDT
Canada/Atlantic
Canada/Central
Canada/Eastern
Canada/Mountain
Canada/Newfoundland
Canada/Pacific
Canada/Saskatchewan
Canada/Yukon
Chile/Continental
Chile/EasterIsland
Cuba
EET
EST
EST5EDT
Egypt
Eire
Etc/GMT
Etc/GMT+0
Etc/GMT+1
Etc/GMT+10
Etc/GMT+11
Etc/GMT+12
Etc/GMT+2
Etc/GMT+3
Etc/GMT+4
Etc/GMT+5
Etc/GMT+6
Etc/GMT+7
Etc/GMT+8
Etc/GMT+9
Etc/GMT-0
Etc/GMT-1
Etc/GMT-10
Etc/GMT-11
Etc/GMT-12
Etc/GMT-13
Etc/GMT-14
Etc/GMT-2
Etc/GMT-3
Etc/GMT-4
Etc/GMT-5
Etc/GMT-6
Etc/GMT-7
Etc/GMT-8
Etc/GMT-9
Etc/GMT0
Etc/Greenwich
Etc/UCT
Etc/UTC
Etc/Universal
Etc/Zulu
Europe/Amsterdam
Europe/Andorra
Europe/Astrakhan
Europe/Athens
Europe/Belfast
Europe/Belgrade
Europe/Berlin
Europe/Bratislava
Europe/Brussels
Europe/Bucharest
Europe/Budapest
Europe/Busingen
Europe/Chisinau
Europe/Copenhagen
Europe/Dublin
Europe/Gibraltar
Europe/Guernsey
Europe/Helsinki
Europe/Isle of Man
Europe/Istanbul
Europe/Jersey
Europe/Kaliningrad
Europe/Kiev
Europe/Kirov
Europe/Lisbon
Europe/Ljubljana
Europe/London
Europe/Luxembourg
Europe/Madrid
Europe/Malta
Europe/Mariehamn
Europe/Minsk
Europe/Monaco
Europe/Moscow
Europe/Nicosia
Europe/Oslo
Europe/Paris
Europe/Podgorica
Europe/Prague
Europe/Riga
Europe/Rome
Europe/Samara
Europe/San Marino
Europe/Sarajevo
Europe/Saratov
Europe/Simferopol
Europe/Skopje
Europe/Sofia
Europe/Stockholm
Europe/Tallinn
Europe/Tirane
Europe/Tiraspol
Europe/Ulyanovsk
Europe/Uzhgorod
Europe/Vaduz
Europe/Vatican
Europe/Vienna
Europe/Vilnius
Europe/Volgograd
Europe/Warsaw
Europe/Zagreb
Europe/Zaporozhye
Europe/Zurich
GB
GB-Eire
GMT
GMT+0
GMT-0
GMT0
Greenwich
HST
Hongkong
Iceland
Indian/Antananarivo
Indian/Chagos
Indian/Christmas
Indian/Cocos
Indian/Comoro
Indian/Kerguelen
Indian/Mahe
Indian/Maldives
Indian/Mauritius
Indian/Mayotte
Indian/Reunion
Iran
Israel
Jamaica
Japan
Kwajalein
Libya
MET
MST
MST7MDT
Mexico/BajaNorte
Mexico/BajaSur
Mexico/General
NZ
NZ-CHAT
Navajo
PRC
PST8PDT
Pacific/Apia
Pacific/Auckland
Pacific/Bougainville
Pacific/Chatham
Pacific/Chuuk
Pacific/Easter
Pacific/Efate
Pacific/Enderbury
Pacific/Fakaofo
Pacific/Fiji
Pacific/Funafuti
Pacific/Galapagos
Pacific/Gambier
Pacific/Guadalcanal
Pacific/Guam
Pacific/Honolulu
Pacific/Johnston
Pacific/Kiritimati
Pacific/Kosrae
Pacific/Kwajalein
Pacific/Majuro
Pacific/Marquesas
Pacific/Midway
Pacific/Nauru
Pacific/Niue
Pacific/Norfolk
Pacific/Noumea
Pacific/Pago Pago
Pacific/Palau
Pacific/Pitcairn
Pacific/Pohnpei
Pacific/Ponape
Pacific/Port Moresby
Pacific/Rarotonga
Pacific/Saipan
Pacific/Samoa
Pacific/Tahiti
Pacific/Tarawa
Pacific/Tongatapu
Pacific/Truk
Pacific/Wake
Pacific/Wallis
Pacific/Yap
Poland
Portugal
ROC
ROK
Singapore
Turkey
UCT
US/Alaska
US/Aleutian
US/Arizona
US/Central
US/East-Indiana
US/Eastern
US/Hawaii
US/Indiana-Starke
US/Michigan
US/Mountain
US/Pacific
US/Samoa
UTC
Universal
W-SU
WET
Zulu
Filters:
Training Formats
    Location
    Dates

    Register for SEC474

    Loading...