making IT better!

HealthCare Information Security and Privacy Practitioner (HCISPP)

Contact Us

The HealthCare Information Security and Privacy Practitioner (HCISPP) certification distinguishes professionals at the forefront of protecting patient health information. HCISPP validates the knowledge and ability required to implement, manage and assess security and privacy controls to safeguard healthcare organizations using best practices and techniques.

ISC2 Training Official Provider


The HCISPP is ideal for those working in roles such as:

  • Compliance Officer
  • Information Security Manager
  • Privacy Officer
  • Compliance Auditor
  • Risk Analyst
  • Practice Manager
  • Medical Records Supervisor
  • Information Technology Manager
  • Privacy and Security Consultant
  • Health Information Manager


Candidates must have a minimum of 2 years’ cumulative work experience in 1 or more of the 7 domains of the HCISPP Common Body of Knowledge (CBK) that includes security, compliance and privacy. Legal experience may be substituted for compliance and information management experience may be substituted for privacy. Of the 2 years’ experience, 1 must be in the healthcare industry.

A candidate who doesn’t have the required experience may become an Associate of (ISC)² by successfully passing the HCISPP examination. The Associate of (ISC)² will then have 3 years to earn the 2 years of required experience.


  1. Healthcare Industry
  2. Information Governance in Healthcare
  3. Information Technologies in Healthcare
  4. Regulatory and Standards Environment
  5. Privacy and Security in Healthcare
  6. Risk Management and Risk Assessment
  7. Third-Party Risk Management


  • Length: Up to 3 hours
  • Questions: 125
  • Format: Multiple choice
  • Passing Score: 700 out of 1000 points
  • Testing Center: Pearson VUE Testing Center (
  • Availability: English

Contact us