Will HIPAA require the CHSS in the near future?
Do you think the CHSS (Certified HIPAA Security Specialist) will be required for security professionals working with HIPAA in the near future?
At the moment, it is not required, but I've heard that a security certification could be a requirement soon. Is it likely to be CHSS in your opinion, or would a CISSP or Security+ for example, be adequate?
I can't imagine a HIPAA security cert such as CHSS being a requirement, although it could be seen as a good minimum baseline. It's certainly not a bad thing to have to sell your skills, but just like with CISSP, Security+, etc., just because someone has the certification doesn't mean they can perform the tasks in the real world. Also consider non-vendor specific HIPAA/health care security certs such as the CHS by HIMSS. The CISSP is the most widely recognize and the one I'd go for first. Then you can specialize in health care/HIPAA if you choose to.
For more info on this topic, please visit these SearchSecurity.com resources:
Careers and Certification Tip: Security certification landscape: Vendor-neutral certs abound
Best Web Links: Infosec training, careers and events
Ask the Expert: Learning more about the CHP certification
This was first published in January 2004