
Thread: HCISPP Studying

  1. Junior Member
    Join Date
    Nov 2015
    Location
    Florida
    Posts
    10

    Certifications
    A+, HCISPP, CCSFP
    #1

    HCISPP Studying

    Hi all!

    Just wondering if anyone has any recent experience with getting their HCISPP. I started studying the CBK but fear that might not be enough. I have been really itching to find some practice questions out there but have had no such luck except for the 10 questions at the end of each chapter. I like to study sample questions to get an idea on how they are formatted and to go back and read over the items I don't know the answer to. Is there anything out there where I can do this?

    Thanks in advance!

  3. Senior Member
    Join Date
    Oct 2009
    Location
    Memphis, TN
    Posts
    119

    Certifications
    Net+, Sec+, CISSP
    #2
    I am starting to study for this as well. Here is the thread I have been reading and bought the other book instead of the CBK. I will probably get the CBK as well.

    HCISPP Study materials
    WGU BS: IT-Security
    In Progress: C170, C246
    To Be Completed: C247, C299, C697, C698, C435, C436, C179

  4. Junior Member
    Join Date
    Nov 2015
    Location
    Florida
    Posts
    10

    Certifications
    A+, HCISPP, CCSFP
    #3
    Thanks for that. Yeah, I am just concerned only reading the material will be no good. It's kinda like how to best prepare for the CISA you should really nail down the material in the practice questions. Though that test is administered by ISACA, not having practice questions to look over really concerns me as I have never taken an (ISC)2 exam before.

  5. Junior Member JazzPilot56
    Join Date
    Jun 2015
    Location
    Columbus, OH
    Posts
    26

    Certifications
    BS-MGE | MS-MGA | CISSP | HCISPP | CGEIT | CRISC | CISM | CISA | FLMI | ATP
    #4
    I passed the exam last night (12/22/15). Here’s what I did:

    First, I only had 8 days to study for the test (from 12/14 to 12/22). Three days were spent taking the (ISC)² classroom training (12/14-16), which I highly recommend. Marco Polizzi was the instructor and he was excellent. They offered a discounted bundle which included the in-person training, course materials (book and flash cards) and PearsonVue voucher to sit for the exam (if you want to take the training course, I highly recommend the bundle).

    After training only 5 days were left for self-study (12/17-22). Several people recommended other books to study, so in addition to the HCISPP℠ CBK Training Seminar Student Guidebook (which came with the course), I also purchased Sean Murphy’s “Healthcare Information Security and Privacy” book which arrived last Friday. Given crunch time, I read it cover-to-cover over the weekend.

    It’s a great supplement to the HCISPP℠ CBK. The book covered a lot of ground in a readily digestible format; in some ways it was better than the CBK. At a minimum I recommend reading them in tandem as there are some complementary aspects.

    During final prep I quickly read through the entire HCISPP℠ CBK a second time, focusing on the sample questions and end of the chapter review materials (flash cards were also provided which mirrored the CBK chapter review materials).

    Then I sat for the test last night. It took about 2 hours & 20 minutes to go through the first pass, and 25 minutes to review all the questions a second time. In addition, I took two 5 minute bio breaks to stretch my legs and clear my head, so in the end there were 5 minutes remaining.

    The first pass through I was only 60-70% confident in my answers, but after the second pass I was pretty certain that I'd passed the exam and felt comfortable that I’d answered at least 90% correctly (I only changed the answers to 3 questions). Unfortunately you don’t get a score, just a pass or fail.

    Overall, I’m thrilled to have passed the exam, especially after just basically a week of study, and look forward to applying for the certification (which I understand takes 5 weeks). According to Marco, there are fewer than 500 (ISC)² Certified HCISPP professionals, so I’m proud to be in good company.

    As a side note, I scheduled the exam prior to taking the training. My thought is that I wanted a date certain that mandated that I focus 100% on the materials and passing the test. Other people in the class said they were either thinking about taking the test or planning on it, but sometime in the future. My concern with that is I’d just let it slip again and again and never end up sitting for it; setting a firm date didn’t allow that to be an option (sure, the test can be rescheduled for $50, but not in my mind).

    Anyway, hope that helps. If you have any questions, don’t hesitate to reach out.

    William
    BS, MS, CISSP, CISA, CISM, FLMI, ATP

  6. Junior Member
    Join Date
    Nov 2015
    Location
    Florida
    Posts
    10

    Certifications
    A+, HCISPP, CCSFP
    #5
    Congratulations on passing! With only 8 days to study, wow.

    And thanks for your reply. I've really been studying on and off. I've read the CBK front to back and have gone back to do some highlighting/re-reading. I also bought the HCISPP Study Guide book by Justin Rainey. I probably should have bought the Sean Murphy book but I was sucked into the description of the study guide book saying it, "Provides the most complete and effective study guide to prepare you for passing the HCISPP exam - contains only what you need to pass the test, and no fluff!" I've read this book from front to back as well but it contains nowhere near the depth of material the CBK has in it. For example, the CBK goes into detail about different security models such as Biba and Bell-LaPadula but the study guide doesn't mention security models at all. Does the exam go that much in depth? It really makes me think this book doesn't really prepare you for the exam and that I should probably focus more on the CBK. A big concern I have is how in depth do I really need to go with the material? Does the CBK really contain fluff that won't be on the exam? I've created my own flash cards to study and I have also gone through the flash cards provided by (ISC)2 but I am just concerned I am not going over the appropriate material.

    Maybe I am just overstressing. I guess that just comes with the fun of exam prep.

  7. Senior Member
    Join Date
    Nov 2011
    Posts
    810
    #6
    Quote Originally Posted by JazzPilot56 View Post
    How many years of experience do you have in health care, if you don't mind me asking?

  8. Junior Member JazzPilot56
    Join Date
    Jun 2015
    Location
    Columbus, OH
    Posts
    26

    Certifications
    BS-MGE | MS-MGA | CISSP | HCISPP | CGEIT | CRISC | CISM | CISA | FLMI | ATP
    #7
    Here's the quick answer: Don't bother with the hardbound HCISPP CBK. Honestly, I didn't even open it (not because I wasn't interested, but because a certain trusted person told me not to bother with it, so I didn't). The only ISC2 material I studied was the soft cover "Training Seminar Student Guidebook". Most important - study and make sure you're 100% familiar with all of the chapter review terms (at the end of each chapter - they're the same as the flash cards).

    I've passed the CISSP and am certified, so I'm very familiar with Biba and Bell-LaPadula - I can't disclose what was on the test, but I will say those terms didn't come up in my course of studies for the HCISPP. The one area I felt weakest on was "Covered Entities and Business Associates"; likewise, can't say if this was on the test, but wish I'd studied that a little more carefully.

    As for my experience, it has been as a third party entity doing billing / receivables management. If you're in the healthcare industry, you'll do fine.

    Mental preparation is the most important for these tests. If you believe you'll pass the exam, you will. Set a date in your mind (and even schedule the PearsonVue exam for a hard date), and then just commit yourself to doing it (actually, this applies to all certification exams). Set the date, put the blinders on, commit yourself and get it done. If you do that I'm absolutely certain you'll pass. Best on your studies and taking the exam.

    William

  9. Junior Member
    Join Date
    Nov 2015
    Location
    Florida
    Posts
    10

    Certifications
    A+, HCISPP, CCSFP
    #8
    Thanks for the clarification. I wish there was a way for me to obtain the Training Seminar Student Guidebook without attending the seminar (I wish I could but it's god-awful expensive and my exam is 1/7). One of my supervisors did recently let me borrow his flash cards from when he attended so I have been studying those while reading through the domains again. I should ask him if he still has his guidebook too.

    Another concerning factor for me is this will be the first (ISC)2 exam I have taken so I am not familiar with how tricky the questions can be. Can you provide any advice as to a good strategy to use when taking the exam and going through the questions?

    Again, thanks for your input. It really helps since this cert doesn't really have a lot of resources out there. - Ryan

  10. Junior Member
    Join Date
    Nov 2015
    Location
    Florida
    Posts
    10

    Certifications
    A+, HCISPP, CCSFP
    #9
    Whoo! I passed! Thanks @JazzPilot56 for your guidance. I decided to attempt to pay it forward by offering my guidance here.
    Last edited by rwinkler1; 01-09-2016 at 02:27 AM.

  11. Senior Member
    Join Date
    Nov 2011
    Posts
    810
    #10
    Quote Originally Posted by rwinkler1 View Post
    Whoo! I passed! Thanks @JazzPilot56 for your guidance. I decided to attempt to pay it forward by offering my guidance here.

    Congrats.

  12. Junior Member
    Join Date
    Apr 2015
    Posts
    6

    Certifications
    CISSP, SSCP, HCISPP, COBIT 5 Foundation, COBIT 5 Implementation
    #11
    Congrats everyone who passed. I realize my post may be late, but it may help someone. I have the CISSP, SSCP, HCISPP. I also struggled with not having practice questions for the HCISPP. I hope this helps someone. I did the following to prepare:

    (The quizlet folder was created in August 2015)

    ISC2Education
    Https://quizlet.com/isc2education/folders/hcispp

    Read the following books:
    - HCISPP Study Guide
    - Healthcare Information Security and Privacy (Nelson)

    Studied overviews of the following frameworks:

    Frameworks
    - ISO Publication 27002:2005 or 27002:2013 (understand risk assessment process)
    - HITRUST (understand what the framework is and what it covers)
    - NIST RMF

    Federal Legislation/Standards (understand key components of legislation)
    - PIPEDA privacy principles (Canada)
    - Data Protection Directive (EU) privacy principles
    - EU-US Safe Harbor
    - HIPAA Security Rule
    - HIPAA Privacy Rule
    - HIPAA Breach Notification Rule
    - Federal Trade Commission Breach Notification Rule
    - Organisation for Economic Co-operation and Development (OECD) Privacy Principles
    - Generally Accepted Privacy Principles

    NIST Special Publications (understand the process, the name and number of the publication, specifically risk management)
    - FIPS 140-2 Security Requirements for Cryptographic Modules
    - NISTIR 8053 De-Identification of Personally Identifiable Information
    - 800-30 Conducting Risk Assessments
    - 800-34 Contingency Planning
    - 800-37 Guide to applying the Risk Management Framework
    - 800-39 Managing Information Security Risk
    - 800-53 Security and Privacy Controls for Federal Information Systems and Organizations Rev 4
    - 800-61 Computer Security Incident Handling Guide (understand the Incident Response Process)
    - 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
    - 800-86 Guide to Integrating Forensics Techniques into Incident Response (understand Forensics Process and what happens in each step)
    - 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

  13. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,281

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #12
    The HCISPP is only a practitioner level exam and shouldn't be confused as being nearly as difficult as the CISSP or "professional" level exam. If you've been working in the healthcare field for the required 2 years, it's been a while, you should immediately understand most of what the exam is going to throw at you. If ICDN-10 is mysterious - you're taking the wrong exam.

    I read the .pdf and did some review of materials off the Internet over the weekend. Study time was approximately 3 hours. For the record it appears I was the second person to pass the exam but only because I couldn't get the exam scheduled sooner.

    Has anyone seen a JD requesting this cert yet? It's been a couple of years now.

    Good luck.

    - b/eads

  14. Senior Member
    Join Date
    Nov 2011
    Posts
    810
    #13
    Quote Originally Posted by beads View Post
    Currently, there are only 33 jobs on LinkedIn with in their description. However, the roles tend to be mid-senior positions.

  15. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,281

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #14
    Wasn't curious to go out and look for it but at the same time no one has ever contacted me for having the exam completed either. It's still a bit of an odd duck of an exam. Hence why I am asking if there is suddenly a surge of interest that I am unaware.

    (Add) Checked on Indeed for HCISPP with no location and ended up finding 46 (43 FTE and 3 contract). Which is pretty decent coverage for an oddball certificate. None of which list the HCISPP but in combination with any number of the usual cert suspects: PMP, CISSP, CCIE, GSEC, et al.

    I've also been known to take HIPAA much more seriously than HR people in general since 1997.

    - b/eads
    Last edited by beads; 11-15-2016 at 05:09 PM.

  16. Junior Member Registered Member
    Join Date
    Sep 2016
    Location
    Nashville, TN
    Posts
    3
    #15
    Quote Originally Posted by JazzPilot56 View Post
    Hey, William!

    Any chance you still have the Training Seminar Student Guidebook and are willing to part ways with it either forever or temporarily?

    Thanks!

    Derrick

  17. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    3
    #16

    HCISPP: Practice Test & Training Seminar Student Guidebook

    Hi All,

    I am studying for the HCISPP exam with the Nelson book and ISC Quizlet flash cards and tests. I'd love to see some actual practice questions, however, not just vocabulary. Does anyone have any info on any practice exams?

    Also, I've read that the Training Seminar Student Guidebook is very helpful! Anyone willing to provide their copy? My current remote location doesn't provide for many ISC classes and my organization is not willing to pay for it either. Any help would be much appreciated as I'm typically not the best test-taker, so very nervous about not knowing what to expect!

    Thanks!!