Following an evaluation of the (ISC)² certification portfolio, (ISC)² has determined that HCISPP no longer meets the criteria to remain a (ISC)² certification program. Given this decision, the HCISPP certification program will be discontinued and will be designated an inactive credential effective three years from the date of the final exam: December 1, 2026
You can learn more at https://www.isc2.org/notice/HCISPP-Sunset
If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023.
Yes, I received email notification about this today.
As a HCISPP holder, honestly I am a bit disappointed by this sunset decision. A certificate replace (or as an alternative to) a certification which is not making sense. (quote and quote the CCSP vs CCSK, "One important distinction to note is that the CCSP is a certification and the CCSK is a certificate.")
Am disappointed by this as I don't feel that any organization has an equivalent certification. Why have not more people obtained it with the importance of PHI-related security & privacy??
HCISSP more so I think than any other ISC2 certification, meets a really targeted requirement, and it's couched in language people understand.
I think many HCISSPs would like to drill into 'HCISPP no longer meets the strict requirements necessary to remain recognized as an (ISC)² certification'.
In terms of the advice here I don't think CC scratches the sides and am not sure from a member benefit standpoint why HCISSP wasn't refreshed with healthcare Certificates instead.
'If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023. However, we recommend either the entry-level Certified in Cybersecurity certification or the newly launched Healthcare Certificates as an alternative.'
As noted above by @gidyn , where does this put CISSP Concentrations and I'm really hoping it doesn't represent a move to selling more general corporate training in this area which might be a more attractive market but doesn't support certification in this area.
I'm not surprised. I've held the HCISPP certification since 2016, and have volunteered for a JTA and Exam Item Writing workshops. However, outside of a very small subset within the Healthcare IT community I see practically no demand for the HCISPP certification. I have a great many professional certifications (CISSP, ISSEP, CGRC, HCISPP, CISA, CISM, CRISC, Security+, CySA+, PenTest+, PMP, CIPP/G) as well as vendor certifications. I can make a case for each on their own merit, with my being able to obtain employment based solely on possessing that individual certification...all, except the HCISPP.
Even when I was working for a covered entity, not once did any of job requisitions require a candidate possess the HCISPP. To me it's not technical enough for someone being hired for the cybersecurity team, and it's not administrative enough for someone who requires a deep knowledge of healthcare privacy. I'm going to take advantage of the free CCSP self-training and exam voucher being extended to me since, IMO, everyone should have a industry and vendor cloud certification these days. I liked having the HCISPP certification, but wasn't a requirement. Just my random thoughts...
"But for a ha'peth of tar the fruit was left to wither on the vine..."
I think it's a shame in some ways because it should be down to ISC2 to look after the interests of members on their certification - and that to me means taking a systems approach to the certification and improving it rather than just stepping back, tutting and saying "oooh, that's a tuffie_, hmmm strict criterials, whatnot and all, a flaw was found so"...
Counting citations in job adverts does seem to be the doctor's order for certs - but I do think that ISC2 should maintain the arcane, anachronistic, esoteric and fun knowledge for the peculiar stuff - let's face it, once you have the experience and the network, you get referrals to work and with a few exceptions it's badges, sprinkles and a nice club you pay for(I like mony - collect 120 CPEs/Feral hogs - ... I know let's go to conferences).
Good choice on the CCSP and I look forward to welcoming you in due course - there are nearly 15k of us so we should survive second longest.
(ISC)² Member Counts (isc2.org) 1445 - so yeah - and the CISSP concentrations are looking similar in counts - so I shouldn't be surprised if they are perhaps made more accessible - maybe by removing CISSP as a gate?