HCISPP Studying

rwinkler1rwinkler1 Member Posts: 10 ■□□□□□□□□□
Hi all!

Just wondering if anyone has any recent experience with getting their HCISPP. I started studying the CBK but fear that might not be enough. I have been really itching to find some practice questions out there but have had no such luck except for the 10 questions at the end of each chapter. I like to study sample questions to get an idea on how they are formatted and to go back and read over the items I don't know the answer to. Is there anything out there where I can do this?

Thanks in advance!

Comments

  • whotimewhotime Member Posts: 122 ■■■□□□□□□□
    I am starting to study for this as well. Here is the thread I have been reading and bought the other book instead of the CBK. I will probably get the CBK as well.

    http://www.techexams.net/forums/security-certifications/114149-hcispp-study-materials.html
    WGU BS: IT-Security
    In Progress: C170, C246
    To Be Completed: C247, C299, C697, C698, C435, C436, C179
  • rwinkler1rwinkler1 Member Posts: 10 ■□□□□□□□□□
    Thanks for that. Yeah, I am just concerned only reading the material will be no good. It's kinda like how to best prepare for the CISA you should really nail down the material in the practice questions. Though that test is administered by ISACA, not having practice questions to look over really concerns me as I have never taken an (ISC)2 exam before.
  • JazzPilot56JazzPilot56 Member Posts: 26 ■□□□□□□□□□
    I passed the exam last night (12/22/15). Here’s what I did:

    First, I only had 8 days to study for the test (from 12/14 to 12/22). Three days were spent taking the (ISC)² classroom training (12/14-16), which I highly recommend. Marco Polizzi was the instructor and he was excellent. They offered a discounted bundle which included the in-person training, course materials (book and flash cards) and PearsonVue voucher to sit for the exam (if you want to take the training course, I highly recommend the bundle).

    After training only 5 days were left for self-study (12/17-22). Several people recommended other books to study, so in addition to the HCISPP℠ CBK® Training Seminar Student Guidebook (which came with the course), I also purchased Sean Murphy’s “Healthcare Information Security and Privacy” book which arrived last Friday. Given crunch time, I read it cover-to-cover over the weekend.

    It’s a great supplement to the HCISPP℠ CBK®. The book covered a lot of ground in a readily digestible format, in some ways it was better than the CBK®. At a minimum I recommend reading them in tandem as there are some complementary aspects.

    During final prep I quickly read through the entire HCISPP℠ CBK® a second time, focusing on the sample questions and end of the chapter review materials (flash cards were also provided which mirrored the CBK® chapter review materials).

    Then I sat for the test last night. It took about 2 hours & 20 minutes to go through the first pass, and 25 minutes to review all the questions a second time. In addition, I took two 5 minute bio breaks to stretch my legs and clear my head, so in the end there were 5 minutes remaining.

    The first pass through I was only 60-70% confident in my answers, but after the second pass I was pretty certain that I'd passed the exam and felt comfortable that I’d answered at least 90% correctly (I only changed the answers to 3 questions). Unfortunately you don’t get a score, just a pass or fail.

    Overall, I’m thrilled to have passed the exam, especially after just basically a week of study, and look forward to applying for the certification (which I understand takes 5 weeks). According to Marco, there are less than 500 (ISC)² Certified HCISPP® professionals, so I’m proud to be in good company.

    As a side note, I scheduled the exam prior to taking the training. My thought is that I wanted a date certain that mandated that I focus 100% on the materials and passing the test. Other people in the class said they were either thinking about taking the test or planning on it, but sometime in the future. My concern with that is I’d just let it slip again and again and never end up sitting for it; setting a firm date didn’t allow that to be an option (sure, the test can be rescheduled for $50, but not in my mind).

    Anyway, hope that helps. If you have any questions, don’t hesitate to reach out.

    William
    BS, MS, CISSP, CISA, CISM, FLMI, ATP
  • rwinkler1rwinkler1 Member Posts: 10 ■□□□□□□□□□
    Congratulations on passing! With only 8 days to study wow.

    And thanks for your reply. I've really been studying on and off. I've read the CBK front to back and have gone back to do some highlighting/re-reading. I also bought the HCISPP Study Guide book by Justin Rainey. I probably should have bought the Sean Murphy book but I was sucked in to the description of the study guide book saying it, "Provides the most complete and effective study guide to prepare you for passing the HCISPP exam - contains only what you need to pass the test, and no fluff!" I've read this book from front to back as well but it contains nowhere near the depth of material the CBK has in it. For example the CBK goes in to detail about different security models such as Biba and Bell-LaPadula but the study guide doesn't mention security models at all. Does the exam go that much in depth? It really makes me think this book doesn't really prepare you for the exam and that I should probably focus more on the CBK. A big concern I have is how in depth do I really need to go with the material? Does the CBK really contain fluff that won't be on the exam? I've created my own flash cards to study and I have also gone through the flash cards provided by (ISC)2 but I am just concerned I am not going over the appropriate material.

    Maybe I am just over stressing. I guess that just comes with the fun of exam prep :)
  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    I passed the exam last night (12/22/15). Here’s what I did:

    First, I only had 8 days to study for the test (from 12/14 to 12/22). Three days were spent taking the (ISC)² classroom training (12/14-16), which I highly recommend. Marco Polizzi was the instructor and he was excellent. They offered a discounted bundle which included the in-person training, course materials (book and flash cards) and PearsonVue voucher to sit for the exam (if you want to take the training course, I highly recommend the bundle).

    After training only 5 days were left for self-study (12/17-22). Several people recommended other books to study, so in addition to the HCISPP℠ CBK® Training Seminar Student Guidebook (which came with the course), I also purchased Sean Murphy’s “Healthcare Information Security and Privacy” book which arrived last Friday. Given crunch time, I read it cover-to-cover over the weekend.

    It’s a great supplement to the HCISPP℠ CBK®. The book covered a lot of ground in a readily digestible format, in some ways it was better than the CBK®. At a minimum I recommend reading them in tandem as there are some complementary aspects.

    During final prep I quickly read through the entire HCISPP℠ CBK® a second time, focusing on the sample questions and end of the chapter review materials (flash cards were also provided which mirrored the CBK® chapter review materials).

    Then I sat for the test last night. It took about 2 hours & 20 minutes to go through the first pass, and 25 minutes to review all the questions a second time. In addition, I took two 5 minute bio breaks to stretch my legs and clear my head, so in the end there were 5 minutes remaining.

    The first pass through I was only 60-70% confident in my answers, but after the second pass I was pretty certain that I'd passed the exam and felt comfortable that I’d answered at least 90% correctly (I only changed the answers to 3 questions). Unfortunately you don’t get a score, just a pass or fail.

    Overall, I’m thrilled to have passed the exam, especially after just basically a week of study, and look forward to applying for the certification (which I understand takes 5 weeks). According to Marco, there are less than 500 (ISC)² Certified HCISPP® professionals, so I’m proud to be in good company.

    As a side note, I scheduled the exam prior to taking the training. My thought is that I wanted a date certain that mandated that I focus 100% on the materials and passing the test. Other people in the class said they were either thinking about taking the test or planning on it, but sometime in the future. My concern with that is I’d just let it slip again and again and never end up sitting for it; setting a firm date didn’t allow that to be an option (sure, the test can be rescheduled for $50, but not in my mind).

    Anyway, hope that helps. If you have any questions, don’t hesitate to reach out.

    William
    BS, MS, CISSP, CISA, CISM, FLMI, ATP

    How many years of experience do you have in health care? If you don't mind me asking.
  • JazzPilot56JazzPilot56 Member Posts: 26 ■□□□□□□□□□
    Here's the quick answer: Don't bother with the hardbound HCISPP CBK, honestly, I didn't even open it (not because I wasn't interested, but because a certain trusted person told me not to bother with it, so I didn't). The only ISC2 material I studied was the soft cover "Training Seminar Student Guidebook". Most important - study and make sure you're 100% familiar with all of the chapter review terms (at the end of each chapter - they're the same as the flash cards). I've passed the CISSP and am certified, so I'm very familiar with Biba and Bell-LaPadula - I can't disclose what was on the test, but I will say those terms didn't come up in my course of studies for the HCISPP. The one area I felt weakest on was "Covered Entities and Business Associates"; likewise, can't say if this was on the test, but wish I'd studied that a little more carefully. As for my experience, it has been as a third party entity doing billing / receivables management. If you're in the healthcare industry, you'll do fine. Mental preparation is the most important for these tests. If you believe you'll pass the exam, you will. Set a date in your mind (and even schedule the PearsonVue exam for a hard date), and then just commit yourself to doing it (actually, this applies to all certification exams). Set the date, put the blinders on, commit yourself and get it done. If you do that I'm absolutely certain you'll pass. Best on your studies and taking the exam. William
  • rwinkler1rwinkler1 Member Posts: 10 ■□□□□□□□□□
    Thanks for the clarification. I wish there was a way for me to obtain the Training Seminar Student Guidebook without attending the seminar (I wish I could but it's god awful expensive and my exam is 1/7). One of my supervisors did recently let me borrow his flash cards from when he attended so I have been studying those as well while reading through the domains again. I should ask him if he still has his guidebook too.

    Another concerning factor for me is this will be the first (ISC)2 exam I have taken so I am not familiar with how tricky the questions can be. Can you provide any advice as to a good strategy to use when taking the exam and going through the questions?

    Again, thanks for your input. It really helps since this cert doesn't really have a lot of resources out there. - Ryan
  • rwinkler1rwinkler1 Member Posts: 10 ■□□□□□□□□□
    Whoo! I passed! Thanks @JazzPilot56 for your guidance. I decided to attempt to pay it forward by offering my guidance here.
  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    rwinkler1 wrote: »
    Whoo! I passed! Thanks @JazzPilot56 for your guidance. I decided to attempt to pay it forward by offering my guidance here.


    Congrats.
  • talbert80talbert80 Member Posts: 29 ■■■□□□□□□□
    Congrats everyone who passed. I realize my post may be late, but it may help someone. I have the CISSP, SSCP, HCISPP. I also struggled with not having practice questions for the HCISPP. I hope this helps someone. I did the following to prepare:

    (The quizlet folder was created in August 2015)

    ISC2Education
    Https://quizlet.com/isc2education/folders/hcispp

    Read the following books:
    HCISPP Study Guide

    Healthcare Information Security and Privacy (Nelson)

    Studied overviews of the following frameworks:

    Frameworks

    ISO Publication – 27002:2005 or 27002:2013 (understand risk assessment process)

    HITRUST (understand what the framework is and what it covers)

    NIST RMF

    Federal Legislation/Standards (understand key components of legislation)

    PIPEDA privacy principles (Canada)

    Data protection Directive (EU) privacy principles

    EU-US Safe Harbor

    HIPAA Security Rule

    HIPAA Privacy Rule

    HIPAA Breach Notification Rule

    Federal Trade Commission Breach Notification Rule

    Organisation for Economic Co-operation and Development (OECD) Privacy Principles

    Generally Accepted Privacy Principles

    NIST Special Publications (understand the process, the name and number of the publication, specifically risk management) –

    FIPS 140-2 Security Requirements for Cryptographic Modules

    NISTIR 8053 – De-Identification of Personally Identifiable Information

    800-30 – Conducting Risk Assessments

    800-34 – Contingency Planning

    800-37 – Guide to applying the Risk Management Framework

    800-39 – Managing Information Security Risk

    800-53 – Security and Privacy Controls for Federal Information Systems and Organizations Rev 4

    800-61 – Computer Security Incident Handling Guide (understand the Incident Response Process)

    800-66 – Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

    800-86 – Guide to Integrating Forensics Techniques into Incident Response (understand Forensics Process and what happens in each step)

    800-122 – Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
  • beadsbeads Member Posts: 1,531 ■■■■■■■■■□
    The HCISPP is only a practitioner level exam and shouldn't be confused as being nearly as difficult as the CISSP or "professional" level exam. If you've been working in the healthcare field for the required 2 years, it's been a while, you should immediately understand most of what the exam is going to throw at you. If ICDN-10 is mysterious - you're taking the wrong exam.

    I read the .pdf and did some review of materials off the Internet over the weekend. Study time was approximately 3 hours. For the record it appears I was the second person to pass the exam but only because I couldn't get the exam scheduled sooner.

    Has anyone seen a JD requesting this cert yet? It's been a couple of years now.

    Good luck.

    - b/eads
  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    beads wrote: »
    The HCISPP is only a practitioner level exam and shouldn't be confused as being nearly as difficult as the CISSP or "professional" level exam. If you've been working in the healthcare field for the required 2 years, it's been a while, you should immediately understand most of what the exam is going to throw at you. If ICDN-10 is mysterious - you're taking the wrong exam.

    I read the .pdf and did some review of materials off the Internet over the weekend. Study time was approximately 3 hours. For the record it appears I was the second person to pass the exam but only because I couldn't get the exam scheduled sooner.

    Has anyone seen a JD requesting this cert yet? It's been a couple of years now.

    Good luck.

    - b/eads

    Currently, there are only 33 jobs on LinkedIn with in their description. However, the roles tend to be mid-senior positions.
  • beadsbeads Member Posts: 1,531 ■■■■■■■■■□
    Wasn't curious to go out and look for it but at the same time no one has ever contacted me for having the exam completed either. It's still a bit of an odd duck of an exam. Hence why I am asking if there is suddenly a surge of interest that I am unaware of.

    (Add) Checked on Indeed for HCISPP with no location and ended up finding 46 (43 FTE and 3 contract). Which is pretty decent coverage for an oddball certificate. None of which list the HCISPP but in combination with any number of the usual cert suspects: PMP, CISSP, CCIE, GSEC, et al.

    I've also been known to take HIPAA much more seriously than HR people in general since 1997.

    - b/eads
  • sadahoppasadahoppa Registered Users Posts: 3 ■□□□□□□□□□
    I passed the exam last night (12/22/15). Here’s what I did:

    First, I only had 8 days to study for the test (from 12/14 to 12/22). Three days were spent taking the (ISC)² classroom training (12/14-16), which I highly recommend. Marco Polizzi was the instructor and he was excellent. They offered a discounted bundle which included the in-person training, course materials (book and flash cards) and PearsonVue voucher to sit for the exam (if you want to take the training course, I highly recommend the bundle).

    After training only 5 days were left for self-study (12/17-22). Several people recommended other books to study, so in addition to the HCISPP℠ CBK® Training Seminar Student Guidebook (which came with the course), I also purchased Sean Murphy’s “Healthcare Information Security and Privacy” book which arrived last Friday. Given crunch time, I read it cover-to-cover over the weekend.

    It’s a great supplement to the HCISPP℠ CBK®. The book covered a lot of ground in a readily digestible format, in some ways it was better than the CBK®. At a minimum I recommend reading them in tandem as there are some complementary aspects.

    During final prep I quickly read through the entire HCISPP℠ CBK® a second time, focusing on the sample questions and end of the chapter review materials (flash cards were also provided which mirrored the CBK® chapter review materials).

    Then I sat for the test last night. It took about 2 hours & 20 minutes to go through the first pass, and 25 minutes to review all the questions a second time. In addition, I took two 5 minute bio breaks to stretch my legs and clear my head, so in the end there were 5 minutes remaining.

    The first pass through I was only 60-70% confident in my answers, but after the second pass I was pretty certain that I'd passed the exam and felt comfortable that I’d answered at least 90% correctly (I only changed the answers to 3 questions). Unfortunately you don’t get a score, just a pass or fail.

    Overall, I’m thrilled to have passed the exam, especially after just basically a week of study, and look forward to applying for the certification (which I understand takes 5 weeks). According to Marco, there are less than 500 (ISC)² Certified HCISPP® professionals, so I’m proud to be in good company.

    As a side note, I scheduled the exam prior to taking the training. My thought is that I wanted a date certain that mandated that I focus 100% on the materials and passing the test. Other people in the class said they were either thinking about taking the test or planning on it, but sometime in the future. My concern with that is I’d just let it slip again and again and never end up sitting for it; setting a firm date didn’t allow that to be an option (sure, the test can be rescheduled for $50, but not in my mind).

    Anyway, hope that helps. If you have any questions, don’t hesitate to reach out.

    William
    BS, MS, CISSP, CISA, CISM, FLMI, ATP

    Hey, William!

    Any chance you still have the Training Seminar Student Guidebook and are willing to part ways with it either forever or temporarily?

    Thanks!

    Derrick
  • P.BZP.BZ Registered Users Posts: 3 ■□□□□□□□□□
    Hi All,

    I am studying for the HCISPP exam with the Nelson book and ISC Quizlet flash cards and tests. I'd love to see some actual practice questions, however, not just vocabulary. Does anyone have any info on any practice exams?

    Also, I've read that the Training Seminar Student Guidebook is very helpful! Anyone willing to provide their copy? My current remote location doesn't provide for many ISC classes and my organization is not willing to pay for it either. Any help would be much appreciated as I'm typically not the best test-taker, so very nervous about not knowing what to expect!

    Thanks!!