(ISC)² announced domain refreshes to its HCISPP certification exam, which took effect on September 1, 2019. This is the first update that has been made to the HCISPP exam since its introduction in 2013, and the enhancements are the result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams. The details of these changes are outlined in a HCISPP Domain Refresh FAQ on the association’s website. The changes follow a recent update to the CCSP exam for cloud security professionals made last month.

“Regular assessments of our certification exams help to ensure that each exam covers topics that are pertinent to the current roles and responsibilities of our certification holders in today’s evolving cybersecurity landscape,” said Casey Marks, chief product officer and vice president, (ISC)². “As organizations increasingly focus on protecting patient health information and navigating a complex regulatory environment, new skills are now required of HCISPP holders. These changes in healthcare cybersecurity have been factored into the knowledge base we’re testing during our exam process.”

As consumer data privacy laws like the California Consumer Privacy Act (CCPA) begin to take effect, the HCISPP is the only certification that combines cybersecurity skills with privacy best practices and techniques. It demonstrates that the holder has the knowledge and ability to implement, manage and assess security and privacy controls to protect healthcare organizations and it asserts a strong foundation in healthcare risk, security and privacy, and an understanding of important healthcare regulations like the Health Insurance Portability and Accountability Act (HIPAA).

The foundational elements of the HCISPP exam remain, however the domain names and weights have been refined, and a seventh domain – or core disciplinary areas of focus – has been added. The exam will have the same number of items, and the time required to take the exam will be the same. The result is an exam that most accurately reflects the deep knowledge and hands-on experience required of the healthcare industry, including its governance, regulation and standards. The content aligns with the Common Body of Knowledge (CBK^®), which is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.

The HCISPP Certification Exam Outline can be viewed here: https://www.isc2.org/Certifications/-/media/ISC2/Certifications/Exam-Outlines/HCISPP-DCO. An updated Official (ISC)² HCISPP Training Course will be available starting on November 1, 2019.