Top of Page
 

HCISPP Domain Refresh FAQ

Q:

Why are changes being made to the HCISPP exam?

A:

(ISC)² has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing healthcare security professional.

Q:

How is the HCISPP exam changing?

A:

The content of the HCISPP has been refreshed to reflect the most pertinent issues that healthcare security professionals currently face, along with the best practices for mitigating those issues. Some topics have been updated while others have been realigned. The result is an exam that most accurately reflects the deep knowledge and hands-on experience with the healthcare industry, governance, regulation and standards.

As a result of the content refresh, we have updated the domain names to describe the topics accurately.

Previous HCISPP Domain Name New HCISPP Domain Name
Domain 1: Healthcare Industry Domain 1: Healthcare Industry
Domain 2: Regulatory Environment Domain 2: Information Governance in Healthcare
Domain 3: Privacy and Security in Healthcare Domain 3: Information Technologies in Healthcare
Domain 4: Information Governance and Risk Management Domain 4: Regulatory and Standards Environment
Domain 5: Information Risk Assessment Domain 5: Privacy and Security in Healthcare
Domain 6: Third Party Risk Management Domain 6: Risk Management and Risk Assessment
Domain 7: Third-Party Risk Management

 

The weights for the domains are also changing.

Major Domains Weightings (Percentage)
Domain 1: Healthcare Industry 12%
Domain 2: Information Governance in Healthcare 5%
Domain 3: Information Technologies in Healthcare 8%
Domain 4: Regulatory and Standards Environment 15%
Domain 5: Privacy and Security in Healthcare 25%
Domain 6: Risk Management and Risk Assessment 20%
Domain 7: Third-Party Risk Management 15%
Total 100%
Q:

Why do domains for (ISC)² credential exams change?

A:

Domains change because it is a reflection of a change in the knowledge, skills and abilities, as indicated by experts through the Job Task Analysis process.

Q:

When will these changes go into effect?

A:

The changes will begin on September 1, 2019.

Q:

In what language will the refreshed HCISPP exam be available?

A:

The refreshed HCISPP exam will be available in English only.

Q:

Will this change the number of questions or the time required to take the HCISPP exam?

A:
No. The HCISPP exam will have the same number of items, and the time required to take the exam will be the same.
Q:

If I have been studying for the HCISPP exam with material that focuses on the current domains, will I be sufficiently prepared to take the new exam without additional study?

A:

(ISC)² exams are experience-based that include experience-based questions that cannot be learned by studying alone. If you already have the experience in the domains covered in HCISPP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. (ISC)² cannot guarantee you will pass the exam.

Q:

Do these updates affect the experience requirement for the HCISPP?

A:

No. For the HCISPP, a candidate is required to have a minimum of two years cumulative work experience in one or more of the seven domains of the HCISPP CBK.

Q:

What impact do these changes have on (ISC)² training materials?

A:
The Official (ISC)² HCISPP Training Course will be available on November 1, 2019.
OK