Sign In

Sign In here to pay AMFs, submit CPEs, update profile settings, review transactions, and more.

HCISPP℠ - HealthCare Information Security and Privacy Practitioner

The Front-Line Defense for Protecting Patient Data

As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected, there is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive information. 

HCISPPs provide the front-line defense in protecting health information. Backed by (ISC)²®, a global not-for-profit organization that delivers the gold standard for information security certifications, the HCISPPSM credential confirms a practitioner’s core knowledge and experience in security and privacy controls for personal health information.

What domains are in the HCISPP CBK®?

 The HCISPP exam will test the candidate's knowledge in the six domains of the (ISC)² HCISPP CBK, which cover:

  • Healthcare Industry
  • Regulatory Environment
  • Privacy and Security in Healthcare
  • Information Governance and Risk Management
  • Information Risk Assessment
  • Third Party Risk Management

HCISPP candidates must have a minimum of two years of cumulative paid full-time work experience in one domain of the credential with the exception that one year of the cumulative experience must be in any combination of the first three domains in Healthcare (Healthcare Industry, Regulatory Environment, and Privacy and Security in Healthcare). The remaining one year of experience can be optionally in any of the remaining three HCISPP domains (Information Governance and Risk Management, Information Risk Assessment, and Third-Party Risk Management), and does not have to be related to the healthcare industry. Learn more.

Who should obtain the HCISPP certification?

HCISPPs are at the forefront of protecting patient health information. These are the practitioners whose foundational knowledge and experience unite healthcare information security and privacy best practices and techniques under one credential to protect organizations and sensitive patient data against emerging threats and breaches. HCISPPs are instrumental to a variety of job functions, including:

  • Compliance officer
  • Information security manager
  • Privacy officer
  • Compliance auditor
  • Risk analyst
  • Medical records supervisor
  • Information technology manager
  • Privacy and security consultant
  • Health information manager
  • Practice manager

Who should employ HCISPPs?

Solidify a frontline defense with qualified, experienced, and credentialed healthcare information security and privacy practitioners. HCISPPs are instrumental to a variety of employers, including:

  • Hospitals
  • Health centers and clinics
  • Group practices
  • Privacy and security consulting firms
  • Regulatory agencies
  • Claims processors
  • Health clearing houses


Find out how becoming an HCISPP will benefit you and your employer. 

register to take the examsearch for a hcispp review seminar  

Healthcare Webinar

SARS, MERS, Ebola Oh My!
The Privacy Impact of Disease Tracking in EHRs
Watch Now


Healthcare Events

 Free 2-hr HCISPP Education Session
Chicago, IL
April 16th
Register Today

Arlington, VA
May 1st
Register Today  


 Top Reasons Why HCISPPs are in Demand 

HCISPP Hire White Paper Thumb

Click here to download