How to Get Your HCISPP® Certification

Earn the HCISPP from (ISC)²® by taking the following steps:

1. Obtain the Required Experience

HCISPP candidates must have a minimum of two years of cumulative paid full-time work experience in one domain of the HCISPP common body of knowledge (CBK®) that includes security, compliance, and privacy. Legal experience may be substituted for compliance, and information management experience may be substituted for privacy. One of the two years of experience must be in the healthcare industry. All candidates must be able to demonstrate competencies in each of the following six domains:

  • Healthcare Industry
  • Regulatory Environment
  • Privacy and Security in Healthcare
  • Information Governance and Risk Management
  • Information Risk Assessment
  • Third Party Risk Management

Don't have the experience? Become an Associate of (ISC)². The Associate of (ISC)² program gives aspiring healthcare privacy and security practitioners access to career development resources, such as networking with established professionals and the opportunity to test their knowledge by taking the HCISPP exam while they acquire the work experience necessary to become credentialed.

2. Schedule the Exam

  • Create an account at Pearson Vue and schedule your exam.
  • Complete the Examination Agreement, attesting to the truth of your assertions regarding professional experience and legally committing to adhere to the (ISC)² Code of Ethics.
  • Review the Candidate Background Questions.
  • Submit the examination fee.

3. Pass the Exam

The HCISPP exam consists of 125 multiple-choice questions with four choices each. You will have up to three hours to complete the exam. Pass the HCISPP exam with a scaled score of 700 points or greater. Read the Exam Scoring FAQs.

4. Complete the Endorsement Process

Once you are notified that you have successfully passed the examination, you will be required to subscribe to the (ISC)² Code of Ethics and have your application endorsed before the credential can be awarded. An endorsement form for this purpose must be completed and signed by an (ISC)²-certified professional who is an active member and who is able to attest to your professional experience. Under the endorsement time limit, you are required to become certified, or become an Associate of (ISC)², within nine months of the date of your exam. If you do not become certified or an Associate of (ISC)² within nine months of the date of your exam, you will be required to retake the exam in order to become certified. (ISC)² can act as an endorser for you if you cannot find a certified individual to act as one. Please refer to the Endorsement Assistance Guidelines for additional information about the endorsement requirements.

5. Maintain the HCISPP Certification

Recertification is required every three years by meeting all renewal requirements, which include:

  • Earn and submit a minimum of 20 continuing professional education (CPE) credits each year of the three-year certification cycle and a total of 60 CPE credits by the end of the three-year certification cycle
  • Pay the annual maintenance fee (AMF) of US$65 each year of the three-year certification cycle for a total of US$195
  • Abide by the (ISC)² Code of Ethics

For more details concerning the HCISPP annual maintenance and renewal requirements, please contact (ISC)² Member Services at

Audit Notice*

Passing candidates will be randomly selected and audited by (ISC)² Member Services prior to issuance of any certificate. Multiple certifications may result in a candidate being audited more than once.