Sign In

Sign In here to pay AMFs, submit CPEs, update profile settings, review transactions, and more.

HCISPP℠ - HealthCare Information Security and Privacy Practitioner

At the Forefront of Healthcare Security & Privacy

As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected – including growing volumes of electronic health records, new government regulations, and a more complex IT security landscape – there is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive information. 

HCISPPs provide the frontline defense in protecting health information. Backed by (ISC)², a global not-for-profit organization that delivers the gold standard for information security certifications, the HCISPP credential confirms a practitioner’s core knowledge and experience in security and privacy controls for personal health information.

What domains are in the HCISPP CBK?

 The HCISPP exam will test the candidate's knowledge in the six domains of the (ISC)² HCISPP CBK®, which cover:

  • Healthcare Industry
  • Regulatory Environment
  • Privacy and Security in Healthcare
  • Information Governance and Risk Management
  • Information Risk Assessment
  • Third Party Risk Management

HCISPP candidates must have a minimum of two years of cumulative paid full-time work experience in one domain of the credential with the exception that one year of the cumulative experience must be in any combination of the first three domains in Healthcare (Healthcare Industry, Regulatory Environment in Healthcare, and Privacy & Security in Healthcare). The remaining one year of experience can be optionally in any of the remaining three HCISPP domains (Information Governance and Risk Management, Information Risk Assessment, and Third Party Risk Management), and does not have to be related to the Healthcare Industry. Learn more.

Who should obtain the HCISPP certification?

Healthcare Information Security and Privacy Practitioners (HCISPPs) are at the forefront of protecting patient health information. These are the practitioners whose foundational knowledge and experience unite healthcare information security and privacy best practices and techniques under one credential to protect organizations and sensitive patient data against emerging threats and breaches. HCISPPs are instrumental to a variety of job functions:

  • Compliance Officer
  • Information Security Manager
  • Privacy Officer
  • Compliance Auditor
  • Risk Analyst
  • Medical Records Supervisor
  • Information Technology Manager
  • Privacy & Security Consultant
  • Health Information manager

Who should employ HCISPPs?

Solidify a frontline defense with qualified, experienced, and credentialed healthcare information security and privacy practitioners. HCISPPs are instrumental to a variety of employers including:

  • Hospitals
  • Health Centers & Clinics
  • Group Practices
  • Privacy & Security Consulting Firms
  • Regulatory Agencies
  • Claims Processors
  • Health Clearing Houses


Find out how becoming an HCISPP will benefit you and your employer. 

 Why Do You Need HCISPPs? 

HCISPP Hire White Paper Thumb

Click here to find out