cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kaity
Community Manager

Announcement – HCISPP to be sunset

Following an evaluation of the (ISC)² certification portfolio, (ISC)² has determined that HCISPP no longer meets the criteria to remain a (ISC)² certification program. Given this decision, the HCISPP certification program will be discontinued and will be designated an inactive credential effective three years from the date of the final exam: December 1, 2026

 

You can learn more at https://www.isc2.org/notice/HCISPP-Sunset

 

If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023.

 

However, we recommend either the entry-level Certified in Cybersecurity certification or the Healthcare Certificates as an alternative.

12 Replies
csjohnng
Community Champion

Yes, I received email notification about this today.

 

As a HCISPP holder, honestly I am a bit disappointed by this sunset decision. A certificate replace (or as an alternative to) a certification which is not making sense. (quote and quote the CCSP vs CCSK, "One important distinction to note is that the CCSP is a certification and the CCSK is a certificate.")

John
emb021
Advocate I

Am disappointed by this as I don't feel that any organization has an equivalent certification.  Why have not more people obtained it with the importance of PHI-related security & privacy??


---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
popaye4643
Viewer

HCISPP to be sunset

 

If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023.

gidyn
Contributor III

There are more HCISSPs than ISSEP, and about the same number as ISSMP. What are the chance of the concentrations following HCISSP into the sunset?

Early_Adopter
Community Champion

HCISSP more so I think than any other ISC2 certification, meets a really targeted requirement, and it's couched in language people understand.

 

I think many HCISSPs would like to drill into 'HCISPP no longer meets the strict requirements necessary to remain recognized as an (ISC)² certification'.

 

In terms of the advice here I don't think CC scratches the sides and am not sure from a member benefit standpoint why HCISSP wasn't refreshed with healthcare Certificates instead.

 

'If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023. However, we recommend either the entry-level Certified in Cybersecurity certification or the newly launched Healthcare Certificates as an alternative.'

 

As noted above by @gidyn , where does this put CISSP Concentrations and I'm really hoping it doesn't represent a move to selling more general corporate training in this area which might be a more attractive market but doesn't support certification in this area.

gidyn
Contributor III

It would help if ISC2 could be less secretive and simply tell their members what "the strict requirements necessary to remain recognized as an (ISC)² certification" are.
Early_Adopter
Community Champion

Hmm, maybe it was a typos and supposed to read "...the strictly confidential..."? 😛

riffjim4069
Newcomer II

I'm not surprised.  I've held the HCISPP certification since 2016, and have volunteered for a JTA and Exam Item Writing workshops.  However, outside of a very small subset within the Healthcare IT community I see practically no demand for the HCISPP certification.  I have a great many professional certifications (CISSP, ISSEP, CGRC, HCISPP, CISA, CISM, CRISC, Security+, CySA+, PenTest+, PMP, CIPP/G) as well as vendor certifications.  I can make a case for each on their own merit, with my being able to obtain employment based solely on possessing that individual certification...all, except the HCISPP. 
 
Even when I was working for a covered entity, not once did any of job requisitions require a candidate possess the HCISPP.  To me it's not technical enough for someone being hired for the cybersecurity team, and it's not administrative enough for someone who requires a deep knowledge of healthcare privacy.  I'm going to take advantage of the free CCSP self-training and exam voucher being extended to me since, IMO, everyone should have a industry and vendor cloud certification these days.  I liked having the HCISPP certification, but wasn't a requirement.  Just my random thoughts...
 
Cheers!

Early_Adopter
Community Champion

Yeah...

 

"But for a ha'peth of tar the fruit was left to wither on the vine..."

 

I think it's a shame in some ways because it should be down to ISC2 to look after the interests of members on their certification - and that to me means taking a systems approach to the certification and improving it rather than just stepping back, tutting and saying "oooh, that's a tuffie_, hmmm strict criterials, whatnot and all, a flaw was found so"... 

 

Counting citations in job adverts does seem to be the doctor's order for certs - but I do think that ISC2 should maintain the arcane, anachronistic, esoteric and fun knowledge for the peculiar stuff - let's face it, once you have the experience and the network, you get referrals to work and with a few exceptions it's badges, sprinkles and a nice club you pay for(I like mony  - collect 120 CPEs/Feral hogs - ... I know let's go to conferences).

 

Good choice on the CCSP and I look forward to welcoming you in due course - there are nearly 15k of us so we should survive second longest.

 

 

(ISC)² Member Counts (isc2.org) 1445 - so yeah - and the CISSP concentrations are looking similar in counts - so I shouldn't be surprised if they are perhaps made more accessible - maybe by removing CISSP as a gate?