CHPS Application Process: Step-by-Step Guide 2026

What the CHPS Credential Actually Certifies

The Certified in Healthcare Privacy and Security (CHPS) credential is administered by the American Health Information Management Association (AHIMA). It is one of the few certifications that addresses both the privacy and security dimensions of healthcare information management within a single examination framework - a distinction that matters enormously to employers navigating a regulatory landscape that treats these two disciplines as inseparable.

CHPS holders are expected to understand not just the technical components of a security program, but also the legal and ethical obligations that govern how protected health information (PHI) is collected, stored, transmitted, and disclosed. This dual focus is what separates the CHPS from purely technical security certifications or narrowly focused privacy compliance credentials.

If you are a health information manager, privacy officer, compliance director, health IT professional, or security analyst working in a covered entity or business associate environment, CHPS is designed specifically for your career path. Understanding what the credential certifies - before you begin the application - helps you approach both the paperwork and the preparation with clarity.

Eligibility Requirements You Must Meet

Before you fill out a single form, confirm that you meet AHIMA's eligibility criteria for the CHPS examination. Applying without meeting these prerequisites is one of the most common and easily avoidable delays candidates encounter.

AHIMA requires a combination of academic credentials and professional experience in health information management, privacy, security, or a directly related field. Candidates with a bachelor's degree or higher in a relevant area generally need fewer years of work experience than those with an associate's degree or a credential in another discipline. AHIMA's official candidate handbook - updated each cycle - contains the exact table of combinations; always verify against the current version rather than relying on third-party summaries, including this one.

If you hold an RHIA or RHIT credential from AHIMA, your eligibility pathway may differ slightly. Review the credential-specific requirements in the candidate handbook to confirm your specific situation before proceeding to the application portal.

The Application Process, Step by Step

The CHPS application runs through AHIMA's online certification portal. The process involves more than clicking "apply" - there are distinct stages, each with its own requirements and timelines.

Step 1: Create or Access Your AHIMA Account

The application lives inside AHIMA's member and certification management system. If you are already an AHIMA member, log in with your existing credentials. Non-members can create an account, though AHIMA membership affects the application fee. Confirm your account information is current and your email address is one you actively monitor - all status notifications will arrive there.

Step 2: Complete the Online Application Form

The application collects your educational background, professional work history, and any existing AHIMA credentials. Be precise with dates of employment, job titles, and the nature of your responsibilities. AHIMA reviewers assess whether your described experience aligns with the competencies the CHPS credential represents. Vague descriptions like "worked in healthcare IT" carry less weight than specific statements describing your direct involvement in privacy program management, breach response, or regulatory compliance activities.

Step 3: Pay the Examination Fee

AHIMA charges an examination fee at the time of application. The fee differs based on your AHIMA membership status - members pay less than non-members. Check the current AHIMA fee schedule directly, as fees are subject to revision. Payment is processed through the online portal at the time of application submission; applications are not reviewed until payment is received.

Step 4: Wait for Eligibility Confirmation

After submission and payment, AHIMA reviews your application to confirm you meet eligibility requirements. This review period can take several weeks. If AHIMA selects your application for an audit, you will be notified and given a deadline to submit supporting documentation. Missing an audit deadline results in forfeiture of your application fee, so respond promptly.

Step 5: Schedule Your Examination

Once approved, you receive an Authorization to Test (ATT) letter. This letter contains the information you need to schedule your exam through AHIMA's designated testing partner. Examine the ATT carefully - it includes your eligibility window, which is the date range within which you must sit for the exam. Scheduling is done through the testing center's own booking system. Choose your date, location (or remote proctoring option if available), and time carefully. You will receive a confirmation; save it.

Step 6: Prepare, Sit, and Receive Results

After scheduling, you have a defined preparation window. Use it deliberately. Results are typically available shortly after the exam, though exact timing depends on whether you test at a testing center or via remote proctoring. Candidates who pass receive information about next steps for activating the CHPS designation on their AHIMA record.

What the Exam Covers: Six Domains in Detail

The CHPS examination is structured around six content domains. Every question on the exam traces back to one of these domains, and the percentage weight of each domain directly determines how many questions you will see on a given topic. Understanding this structure is the single most important input to building a rational study plan.

Preparing Strategically After You Apply

Most candidates make the mistake of waiting until they receive their ATT to begin studying. By that point, they have lost weeks of preparation time. Submit your application and begin studying immediately - your domain knowledge does not depend on having a scheduled exam date.

Sequencing Your Study by Domain Weight

A domain-weighted approach to your calendar is more effective than studying topics in the order they appear in a textbook. Because Domain 1 represents up to 27% of the exam, it deserves the most sustained attention. Domains 2 and 3 are equal in weight and should be treated as complementary - many topics in privacy program management and security program management reinforce each other. The CHPS Study Schedule: 8-Week Exam Prep Plan 2026 maps each domain to a specific study week with this logic built in, which can save you significant planning time.

Pairing this domain-sequenced approach with CHPS practice tests gives you the feedback loop you need to identify which domains are absorbing knowledge and which need additional time. Practice questions are not just for the final two weeks - use them throughout your preparation to reinforce what you are actively studying.

Who Hires CHPS Holders and Why It Matters

The CHPS credential is recognized across the healthcare ecosystem. Health systems, hospitals, physician group practices, health plans, pharmacy benefit managers, health information exchanges, and health IT vendors all operate in environments where HIPAA compliance is a legal mandate, not a preference. Each of these organizations needs professionals who can build and manage the programs that keep them compliant.

Typical roles held by CHPS-credentialed professionals include Chief Privacy Officer, Privacy and Security Officer (combined roles are increasingly common at smaller covered entities), Compliance Director, Health Information Manager, Healthcare IT Security Analyst, and Privacy Program Manager. Business associates - including EHR vendors, billing services, and cloud storage providers - are also frequent employers, because their contracts with covered entities require them to demonstrate they can meet HIPAA's security and privacy standards.

If you are preparing for a role at an organization that falls under HIPAA's jurisdiction, holding the CHPS signals to hiring managers and compliance boards that your competence has been independently verified - not just self-reported.

Common Application Mistakes to Avoid

The CHPS application process is not especially complex, but candidates consistently make the same avoidable errors. Knowing them in advance costs you nothing; making them can cost you weeks or your application fee.

• Describing experience too vaguely. AHIMA reviewers look for evidence that your work directly involved the competencies the CHPS assesses. "Worked in the compliance department" tells them far less than "conducted annual HIPAA security risk analyses, documented findings, and coordinated remediation with IT leadership."
• Applying without gathering documentation first. Audit selection is unpredictable. Always have transcripts and employment verification ready before you submit, not after.
• Waiting to study until after ATT receipt. The ATT review process takes time. Candidates who wait lose weeks of preparation they cannot recover.
• Ignoring Domain 6 because it is small. Breach Management questions are disproportionately scenario-based, meaning they require synthesis across multiple domains. A candidate who skips this domain will encounter questions they cannot answer even if they know the underlying rules.
• Not using domain-aligned practice questions. Generic healthcare compliance questions do not replicate the CHPS exam format. Use CHPS-specific practice tests that are mapped to the six domains and reflect the actual question style of the examination.

Refer back to the full CHPS Application Process: Step-by-Step Guide 2026 if you need to review any stage of the process after beginning your preparation - it is easy to focus so heavily on studying that administrative deadlines get overlooked.

Frequently Asked Questions