How to Get Your HCISPP® Certification

Earn the HCISPP from (ISC)²® by taking the following steps:

1. Obtain the Required Experience

Candidates must have a minimum of 2 years cumulative paid full-time work experience in 1 or more knowledge areas of the HCISPP CBK that includes security, compliance, and privacy. Legal experience may be substituted for compliance and information management experience may be substituted for privacy. Of the 2 years of experience, 1 of those years must be in the healthcare industry.

If you do not have the required experience, you may still sit for the exam and become an Associate of (ISC)² until you have gained the required experience. 

2. Schedule the Exam

  • Create an account at Pearson Vue and schedule your exam.
  • Complete the Examination Agreement, attesting to the truth of your assertions regarding professional experience, and legally committing to the adherence of the (ISC)² Code of Ethics.
  • Review the Candidate Background Questions.
  • Submit the examination fee 

3. Pass the Exam

The HCISPP exam consists of 125 multiple choice questions with four choices each. You will have up to three hours to complete the exam. Pass the HCISPP exam with a scaled score of 700 points or greater. Read the Exam Scoring FAQs

4. Complete the Endorsement Process

Once you are notified that you have successfully passed the examination, you will be required to subscribe to the (ISC)² Code of Ethics and have your application endorsed before the credential can be awarded. An endorsement form for this purpose must be completed and signed by an (ISC)²-certified professional who is an active member, and who is able to attest to your professional experience. With the endorsement time limit, you are required to become certified within nine months of the date of your exam or become an Associate of (ISC)². If you do not become certified or an Associate of (ISC)² within nine months of the date of your exam you will be required to retake the exam in order to become certified. (ISC)² can act as an endorser for you if you cannot find a certified individual to act as one. Please refer to the Endorsement Assistance Guidelines for additional information about the endorsement requirements. 

5. Maintain the HCISPP Certification

Recertification is required every three years by meeting all renewal requirements, which include:

  • Earn and submit a minimum of 20 continuing professional education (CPE) credits each year of the three-year certification cycle and a total of 60 CPE credits by end of the three-year certification cycle
  • Pay the annual maintenance fee (AMF) of US$65 each year of the three-year certification cycle for a total of US$195
  • Abide by the (ISC)² Code of Ethics

For more details concerning the HCISPP annual maintenance and renewal requirements, please contact (ISC)² Member Services at

Audit Notice*

Passing candidates will be randomly selected and audited by (ISC)² Member Services prior to issuance of any certificate. Multiple certifications may result in a candidate being audited more than once.

HCISPP certification

Healthcare Webinars

Leveraging the Cloud for
Healthcare Security

Watch Now

SARS, MERS, Ebola Oh My!
The Privacy Impact of Disease Tracking in EHRs
Watch Now


Leading Practices in Securing EHRs
Watch Now 


 Top Reasons Why HCISPPs are in Demand 

HCISPP Hire White Paper Thumb

Click here to download