HealthCare Information Security and Privacy Practitioner
Protect Those Who Are Counting on You
You do more than protect sensitive patient data. You protect lives. And every day, you have to be ready for new threats and breaches, changes to regulations and the growing complexities of healthcare IT.
Take on these challenges with confidence with the HCISPP! This global healthcare security certification proves you have what it takes to implement, manage and assess the proper security and privacy controls to protect healthcare organizations.
The HCISPP is unique because it combines information security skills with privacy best practices and techniques. No other certification addresses the foundational knowledge in healthcare security and privacy like the HCISPP.
As an HCISPP, you’re on the forefront of protecting patient health information.
Start pursuing your HCISPP today.
Get To Know The HCISPP
Get the Needed Experience
To qualify for the HCISPP certification, you must have:
- A minimum of two years of cumulative, paid, full-time work experience
- In one or more knowledge areas of the HCISPP Common Body of Knowledge (CBK) that includes security, compliance and privacy
Legal experience may be substituted for compliance. Information management experience may be substituted for privacy. Of your two years of experience, one of those years must be in the healthcare industry. Don’t have the required work experience yet? You can take and pass the HCISPP exam to earn an Associate of (ISC)2 designation. Then, you’ll have up to three years to earn your required work experience for the HCISPP.
Create an Account at Pearson VUE and Schedule Your Exam
To schedule an exam, you must create an account at Pearson VUE. Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website. Once you’ve set up your account and are ready to register, you’ll need to:
- Complete the Examination Agreement. You agree to the truth of your assertions regarding professional experience. You also legally commit to the adherence of the (ISC)² Code of Ethics.
- Review the Candidate Background Questions.
- Pay the exam fee.
Pass the Exam
This is the day to show your greatness! You’ll have three hours to complete the 125 exam questions. You must pass the exam with a scaled score of 700 points or greater. Want more details? Read our exam scoring FAQs.
Subscribe to the (ISC)² Code of Ethics and Get Endorsed
Let’s say you pass the exam. Then what? Before this healthcare security certification can be awarded, you have to:
- Subscribe to the (ISC)² Code of Ethics.
- Have your application endorsed.
Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience. (ISC)² can endorse you if you can’t find a certified individual. You have nine months from the date of the exam to complete these steps. If you don’t, you have to retake the exam to get certified. Want to learn more? Read our endorsement assistance guidelines.
Yes, there are other certifications out there for healthcare IT, privacy or security. But the HCISPP is the only certification that proves you have the practical skills, foundational knowledge and experience in both security and privacy on an international level.
Here’s why you should take on the HCISPP certification:
- Credibility. The HCISPP sets you apart. It shows you know best practices and have real-world expertise in both healthcare information security and privacy. It gives you more authority and appeal.
- Growth and learning. From exam prep to continuing education, the HCISPP offers many ways to expand your knowledge. You can stay current with changes in healthcare security and privacy.
- Global expertise. The HCISPP exam covers current, global topics. This ensures you’re up-to-speed on evolving threats and regulations around the world. You’re better prepared to protect your organization and patient data.
- Versatile skills. The HCISPP isn’t product specific, so you can apply your skills to different technologies or initiatives — including mobile devices, single sign-on, cloud migration and electronic information exchange.
- Stronger collaboration. As an HCISPP, your knowledge spans security and privacy. You can bridge the gap between departments and better understand problems. In doing so, you can earn more respect and be more successful in your work.
- Increased compensation. While pay practices vary by employer, many HCISPPs find that this certification can lead to increases in pay.
What the Industry Is Saying About the HCISPP
The HCISPP is ANSI-Accredited
The CSSLP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program? Visit the Institute for Credentialing Excellence website for details.
The HCISPP can add value whether you’re a consultant or a practitioner on the front-lines of healthcare security and privacy. But is it right for you?
The HCISPP is a great fit for you if you:
- Have well-rounded skills. You have practical healthcare experience, as well as a foundation in information security, privacy or risk.
- Want to expand your knowledge and keep up with emerging threats and evolving regulations. You’re passionate about learning.
- Are looking for a powerful way to earn more respect, better opportunities and/or higher pay.
- Understand you’re the frontline defense in protecting patient health information. Everything you do matters. The HCISPP will make you better at protecting your organization and the patients counting on you.
- While the HCISPP is designed for those in hands-on roles, many CISSPs pursue it too. It validates your healthcare security and privacy expertise, and gives you a greater level of credibility.
The HCISPP is ideal for those working in roles such as:
- Compliance officer
- Information security manager
- Privacy officer
- Compliance auditor
- Risk analyst
- Medical records supervisor
- Information technology manager
- Privacy and security consultant
- Health information manager
- Practice manager
Wondering whether the HCISPP makes sense for you? Talk to a certification consultant.
The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the HCISPP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.
Prepare for your HCISPP exam through a combination of training courses and individual study. And learn from (ISC)2 — the creator of the HCISPP CBK! Simply choose the best training format for your schedule, needs and learning style.
- Ideal for hands-on learners. We offer the most thorough review of the HCISPP CBK, industry concepts and best practices
- Three-day training event delivered in a classroom setting. Eight hours a day.
- Led by authorized instructors.
Private On-Site Training
- A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
- Tailored to your team’s schedule, budget and certification requirements.
- Conveniently taught in your office space or a local venue.
- Led by authorized instructors.
HCISPP Training Course Overview
Our training helps you fully prepare for this cloud security certification. You will:
- Review, refresh and expand your healthcare security knowledge.
- Identify areas you need to study for the HCISPP exam.
You can expect an in-depth review of the six domains of the HCISPP CBK — including discussion of industry best practices and timely healthcare security and privacy concepts. (ISC)² authorized instructors lead all our training. You’re learning from industry experts who understand you. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK. Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much information you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.
In addition to training, (ISC)² offers resources to help you with self-study. Resources include:
Once you’ve earned this world-class healthcare security certification, you become a member of (ISC)². You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking. Quite simply, you have endless opportunities to grow and refine your craft. But certification is a privilege that must be earned and maintained.
To remain in good standing with your HCISPP, you need to:
- Abide by the (ISC)² Code of Ethics.
- Earn and post Continuing Professional Education (CPE) credits.
- Pay your Annual Maintenance Fee (AMF).
Here’s a closer look at each.
Abiding by the (ISC)² Code of Ethics
You agree to fully support and follow the (ISC)² Code of Ethics.
Earning and Posting CPE Credits
Healthcare security is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise. Over the three-year HCISPP certification cycle, you must earn and post a minimum of 90 CPE credits. CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis.
(ISC)² offer access to:
- Live educational events around the world.
- Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
- And many more learning opportunities.
Paying Annual Maintenance Fees (AMFs)
Once you earn this healthcare security certification, you must pay USD$65 each year of your three-year certification cycle. Your payment is due before your certification or recertification annual anniversary date. Your payments help ensure that (ISC)2 has the financial resources to:
- Be a functional, dynamic entity for leading information security and IT professionals (like you) far into the future.
- Develop more CPE opportunities.
- Continue to meet the certification needs and requirements of information security professionals.
- Maintain member records.
How to Regain Membership if Your HCISPP Ceases
If you wish to regain membership, you’ll need to:
- Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
- Retake and pass the exam to become certified again.
- Contact Member Services to reactivate your certification after you pass the exam.
Do you have questions about maintaining your HCISPP certification? Ask Member Services.
What Certification Do You Want To Learn About Next?