AHIMA CHPS

Free AHIMA CHPS Exam Practice Test Questions (2025)

Free AHIMA CHPS Review 2025 - Prepare for the Certified in Healthcare Privacy and Security Exam with Practice Test Questions and Recommended Books.

AHIMA CHPS practice tests are mock tests designed for the online practice of the CHPS (Certified Healthcare Privacy Security) Certification exam.

Time-bound, domain-specific practice test questions help you track progress and prepare according to the latest AHIMA CHPS exam pattern.

At Testmocks, you can prepare for the AHIMA CHPS certification exam with practice tests including questions from the following domains.

S.No. Domain Weightage
1Ethical, Legal, and Regulatory Issues/ Environmental10-18%
2Privacy and Security Program Management and Administration30-40%
3Information Technology/Physical and Technical Safeguards24-35%
4Investigation, Compliance, and Enforcement19-24%

CHPS 2025 Exam Details

AHIMA CHPS (Certified in Healthcare Privacy and Security) is a professional certification exam in the healthcare industry. It is conducted by the American Health Information Management Association (AHIMA). The CHPS exam evaluates knowledge in designing and implementing privacy and security programs. It covers ethical, legal, and regulatory issues, program management, and information governance.

For complete information about the AHIMA CHPS certification, please visit the official page - https://www.ahima.org/certification-careers/certifications-overview/chps/.

Overview

Name of the exam AHIMA CHPS (Certified in Healthcare Privacy and Security) Certification Exam 2025
Organisation American Health Information Management Association
Official website https://www.ahima.org/
Type of questions Objective-type Multiple Choice Questions (MCQs)
Exam mode Online Computer-based Test
Time allowed to complete the exam Three and one half hours (210 minutes)
Total questions 150
Scored items 125
Pretest items 25
Exam testing location Pearson Vue testing center
Passing score for the AHIMA CHPS 300
Cost of the exam
  • $259 for AHIMA members
  • $329 for non-members
AHIMA CHPS exam complaints email to [email protected]

AHIMA CHPS Exam 2025 - Content Outline

Domain 1 – Ethical, Legal, and Regulatory Issues/ Environmental Assessment

Tasks:

  • Identify responsibilities as a privacy officer and/or security officer
  • Serve as a resource (provide guidance) to your organization regarding privacy and security laws, regulations, and standards of accreditation agencies to help interpret and apply the standards
  • Apply preemption principles to ensure compliance with state regulations that are applicable to privacy
  • Evaluate the privacy and security policies related to health information exchanges
  • Demonstrate privacy and security compliance with documentation, production, and retention as required by State and Federal law as well as accrediting agencies
  • Analyze the impact of access to protected health information (PHI) during a public health emergency

Domain 2 – Privacy and Security Program Management and Administration

Tasks:

  • Manage the distribution process of the organization’s Notice of Privacy Practices
  • Manage the process for requests for patients’ rights as outlined in the Notice of Privacy Practices (e.g., restrictions, amendments, etc.)
  • Manage contracts and business associate relationships and secure appropriate agreements related to privacy and security (e.g., business associate agreement [BAA], service level agreement [SLA], etc.)
  • Evaluate and monitor the facility security plan to safeguard unauthorized physical access to information, and to prevent theft or tampering
  • Establish a preventative program to detect and prevent privacy/security breaches
  • Develop, deliver, evaluate, and document training and awareness on information privacy and security to provide an informed workforce
  • Educate workforce members on the changes to organizational policies, procedures, and practices related to privacy and security
  • Collaborate with appropriate organization officials to verify that information used or disclosed for research purposes complies with organizational policies and procedures and applicable privacy regulations
  • Manage appropriate de-identification processes
  • Assess and communicate risks and ramifications of privacy and security incidents to a designated organizational leadership, including those by business associates
  • Verify that requesters of protected information are authorized and permitted access to the protected health information (PHI)
  • Apply the “minimum necessary” standard when creating, documenting, and communicating protected health information (PHI)
  • Define HIPAA-designated record sets for the organization in order to appropriately respond to a request for release of protected health information (PHI)
  • Identify information and record sets requiring special privacy protections
  • Manage disclosures for marketing and fundraising related to protected health information (PHI)

Domain 3 – Information Technology/Physical and Technical Safeguards

Tasks:

  • Develop and manage an organization’s information security plan, taking into consideration 45 CFR 164.306
  • Manage policies, procedures, and rules to protect the integrity, availability, and confidentiality of communication of health information across networks
  • Ensure reasonable safeguards to reduce incidental disclosures and prevent privacy breaches
  • Collaborate in the development of a business continuity plan for planned downtime and contingency planning for emergencies and disaster recovery
  • Evaluate, select, and implement information privacy and security solutions
  • Monitor compliance with the security policies and ensure compliance with technical, physical, and administrative safeguards
  • Assess the risk to and criticalities of new information systems which contain protected health information (PHI)
  • Assess and monitor physical security mechanisms to limit the access of unauthorized personnel to facilities, equipment, and information
  • Assess and monitor technical security mechanisms to control access and protect electronic protected health information (PHI)
  • Perform ongoing risk assessments for existing information systems which contain protected health information (PHI)
  • Ensure appropriate technologies are used to protect information received from or transmitted to external users
  • Manage the process for verifying and controlling access authorizations, authentication mechanisms, and privileges including emergency access
  • Identify event triggers for abnormal conditions within a network system (e.g., intrusion detection, denial of service, and invalid log-on attempts)
  • Manage the media control practices that govern the receipt, removal, re-use, or disposal (internal and external destruction) of any media or devices containing sensitive data
  • Develop and maintain the inventory of software, hardware, and all data to protect information assets and to facilitate risk analysis

Domain 4 – Investigation, Compliance, and Enforcement

Tasks:

  • Monitor and assess compliance with state and federal laws and regulations on a routine basis related to privacy and security to update organizational practices, policies, procedures, and training of workforce
  • Develop policy and procedure for breach notification
  • Establish an incident/complaint investigation process, and develop a response plan to mitigate a privacy or security incident
  • Ensure workforce is knowledgeable on how to report a potential privacy or security incident
  • Enforce privacy and security policies, procedures, and guidelines to facilitate compliance with federal, state, and other regulatory or accrediting bodies
  • Monitor and audit access to protected health information (PHI)
  • Perform risk assessment for breach notification
  • Coordinate the organization’s response to inquiries and investigations from external entities relating to privacy and security to provide response consistent with organizational policies and procedures within the required timeframe
  • Notify appropriate individuals/agencies/media within time frame for breach notification
  • Maintain the appropriate documentation for breach notification

Top Recommended Resources, Books, Study Materials for AHIMA CHPS in 2025

Title & Author Details
CHPS Exam Prep: UPDATED All-in-One Review + 250 Practice Questions
by TrustHealth Publishing
Comprehensive review with 250 practice questions and two full-length tests for the AHIMA CHPS exam.
Conquer the AHIMA CHPS Exam
by Philip Martin McCaulay
Concise guide to becoming certified in Healthcare Privacy and Security.
Certified in Healthcare Privacy and Security (CHPS) Exam Preparation
by E. Danika Brinda
Study guide for the CHPS exam (currently unavailable in paperback).