Announcement – HCISPP to be sunset

Kaity · ‎06-23-2023

Following an evaluation of the (ISC)² certification portfolio, (ISC)² has determined that HCISPP no longer meets the criteria to remain a (ISC)² certification program. Given this decision, the HCISPP certification program will be discontinued and will be designated an inactive credential effective three years from the date of the final exam: December 1, 2026

You can learn more at https://www.isc2.org/notice/HCISPP-Sunset

If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023.

However, we recommend either the entry-level Certified in Cybersecurity certification or the Healthcare Certificates as an alternative.

csjohnng · ‎06-23-2023

Yes, I received email notification about this today.

As a HCISPP holder, honestly I am a bit disappointed by this sunset decision. A certificate replace (or as an alternative to) a certification which is not making sense. (quote and quote the CCSP vs CCSK, "One important distinction to note is that the CCSP is a certification and the CCSK is a certificate.")

John

emb021 · ‎06-23-2023

Am disappointed by this as I don't feel that any organization has an equivalent certification. Why have not more people obtained it with the importance of PHI-related security & privacy??

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow

popaye4643 · ‎06-24-2023

HCISPP to be sunset

If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023.

gidyn · ‎06-24-2023

There are more HCISSPs than ISSEP, and about the same number as ISSMP. What are the chance of the concentrations following HCISSP into the sunset?

Early_Adopter · ‎06-25-2023

HCISSP more so I think than any other ISC2 certification, meets a really targeted requirement, and it's couched in language people understand.

I think many HCISSPs would like to drill into 'HCISPP no longer meets the strict requirements necessary to remain recognized as an (ISC)² certification'.

In terms of the advice here I don't think CC scratches the sides and am not sure from a member benefit standpoint why HCISSP wasn't refreshed with healthcare Certificates instead.

'If you were considering the HCISPP as a certification, you may still proceed with your exam until December 1, 2023. However, we recommend either the entry-level Certified in Cybersecurity certification or the newly launched Healthcare Certificates as an alternative.'

As noted above by @gidyn , where does this put CISSP Concentrations and I'm really hoping it doesn't represent a move to selling more general corporate training in this area which might be a more attractive market but doesn't support certification in this area.

gidyn · ‎06-26-2023

It would help if ISC2 could be less secretive and simply tell their members what "the strict requirements necessary to remain recognized as an (ISC)² certification" are.

Early_Adopter · ‎06-26-2023

Hmm, maybe it was a typos and supposed to read "...the strictly confidential..."? 😛

riffjim4069 · ‎06-26-2023

I'm not surprised. I've held the HCISPP certification since 2016, and have volunteered for a JTA and Exam Item Writing workshops. However, outside of a very small subset within the Healthcare IT community I see practically no demand for the HCISPP certification. I have a great many professional certifications (CISSP, ISSEP, CGRC, HCISPP, CISA, CISM, CRISC, Security+, CySA+, PenTest+, PMP, CIPP/G) as well as vendor certifications. I can make a case for each on their own merit, with my being able to obtain employment based solely on possessing that individual certification...all, except the HCISPP.

Even when I was working for a covered entity, not once did any of job requisitions require a candidate possess the HCISPP. To me it's not technical enough for someone being hired for the cybersecurity team, and it's not administrative enough for someone who requires a deep knowledge of healthcare privacy. I'm going to take advantage of the free CCSP self-training and exam voucher being extended to me since, IMO, everyone should have a industry and vendor cloud certification these days. I liked having the HCISPP certification, but wasn't a requirement. Just my random thoughts...

Cheers!

Early_Adopter · ‎06-26-2023

Yeah...

"But for a ha'peth of tar the fruit was left to wither on the vine..."

I think it's a shame in some ways because it should be down to ISC2 to look after the interests of members on their certification - and that to me means taking a systems approach to the certification and improving it rather than just stepping back, tutting and saying "oooh, that's a tuffie_, hmmm strict criterials, whatnot and all, a flaw was found so"...

Counting citations in job adverts does seem to be the doctor's order for certs - but I do think that ISC2 should maintain the arcane, anachronistic, esoteric and fun knowledge for the peculiar stuff - let's face it, once you have the experience and the network, you get referrals to work and with a few exceptions it's badges, sprinkles and a nice club you pay for(I like mony - collect 120 CPEs/Feral hogs - ... I know let's go to conferences).

Good choice on the CCSP and I look forward to welcoming you in due course - there are nearly 15k of us so we should survive second longest.

(ISC)² Member Counts (isc2.org) 1445 - so yeah - and the CISSP concentrations are looking similar in counts - so I shouldn't be surprised if they are perhaps made more accessible - maybe by removing CISSP as a gate?