HCISPP domain-related changes effective September 1, 2019

October 27, 2023

Effective September 1, 2019, (ISC)² will implement domain-related changes for HealthCare Information Security and Privacy Practitioner (HCISPP®) credential exam. These changes are being implemented based on the outcome of the Job Task Analysis (JTA). The JTA provides the foundation for each of (ISC)²’s examinations. The domain names for the HCISPP have changed as noted in the chart below:

Previous HCISPP Domain Name New HCISPP Domain Name
Domain 1: Healthcare Industry Domain 1: Healthcare Industry
Domain 2: Regulatory Environment Domain 2: Information Governance in Healthcare
Domain 3: Privacy and Security in Healthcare Domain 3: Information Technologies in Healthcare
Domain 4: Information Governance and Risk Management Domain 4: Regulatory and Standards Environment
Domain 5: Information Risk Assessment Domain 5: Privacy and Security in Healthcare
Domain 6: Third Party Risk Management Domain 6: Risk Management and Risk Assessment
  Domain 7: Third-Party Risk Management

The domain weights will be as follows:

Major Domains Weightings (%)
Domain 1: Healthcare Industry 12%
Domain 2: Information Governance in Healthcare 5%
Domain 3: Information Technologies in Healthcare 8%
Domain 4: Regulatory and Standards Environment 15%
Domain 5: Privacy and Security in Healthcare 25%
Domain 6: Risk Management and Risk Assessment 20%
Domain 7: Third-Party Risk Management 15%
Total 100%

Please click on the link to the get more update on HCISPP Exam Outline and FAQs for further clarification. If you have any additional questions about these changes, please us know.

What to read next

This website uses cookies to ensure you get the best experience on our website. (Privacy Policy)