Free AHIMA CHPS Exam Practice Test Questions (2025)
Free AHIMA CHPS Review 2025 - Prepare for the Certified in Healthcare Privacy and Security Exam with Practice Test Questions and Recommended Books.
AHIMA CHPS practice tests are mock tests designed for the online practice of the CHPS (Certified Healthcare Privacy Security) Certification exam.
Time-bound, domain-specific practice test questions help you track progress and prepare according to the latest AHIMA CHPS exam pattern.
At Testmocks, you can prepare for the AHIMA CHPS certification exam with practice tests including questions from the following domains.
S.No. | Domain | Weightage |
---|---|---|
1 | Ethical, Legal, and Regulatory Issues/ Environmental | 10-18% |
2 | Privacy and Security Program Management and Administration | 30-40% |
3 | Information Technology/Physical and Technical Safeguards | 24-35% |
4 | Investigation, Compliance, and Enforcement | 19-24% |

CHPS 2025 Exam Details
AHIMA CHPS (Certified in Healthcare Privacy and Security) is a professional certification exam in the healthcare industry. It is conducted by the American Health Information Management Association (AHIMA). The CHPS exam evaluates knowledge in designing and implementing privacy and security programs. It covers ethical, legal, and regulatory issues, program management, and information governance.
For complete information about the AHIMA CHPS certification, please visit the official page - https://www.ahima.org/certification-careers/certifications-overview/chps/.
Overview
Name of the exam | AHIMA CHPS (Certified in Healthcare Privacy and Security) Certification Exam 2025 |
Organisation | American Health Information Management Association |
Official website | https://www.ahima.org/ |
Type of questions | Objective-type Multiple Choice Questions (MCQs) |
Exam mode | Online Computer-based Test |
Time allowed to complete the exam | Three and one half hours (210 minutes) |
Total questions | 150 |
Scored items | 125 |
Pretest items | 25 |
Exam testing location | Pearson Vue testing center |
Passing score for the AHIMA CHPS | 300 |
Cost of the exam |
|
AHIMA CHPS exam complaints | email to [email protected] |
AHIMA CHPS Exam 2025 - Content Outline
Domain 1 – Ethical, Legal, and Regulatory Issues/ Environmental Assessment
Tasks:
- Identify responsibilities as a privacy officer and/or security officer
- Serve as a resource (provide guidance) to your organization regarding privacy and security laws, regulations, and standards of accreditation agencies to help interpret and apply the standards
- Apply preemption principles to ensure compliance with state regulations that are applicable to privacy
- Evaluate the privacy and security policies related to health information exchanges
- Demonstrate privacy and security compliance with documentation, production, and retention as required by State and Federal law as well as accrediting agencies
- Analyze the impact of access to protected health information (PHI) during a public health emergency
Domain 2 – Privacy and Security Program Management and Administration
Tasks:
- Manage the distribution process of the organization’s Notice of Privacy Practices
- Manage the process for requests for patients’ rights as outlined in the Notice of Privacy Practices (e.g., restrictions, amendments, etc.)
- Manage contracts and business associate relationships and secure appropriate agreements related to privacy and security (e.g., business associate agreement [BAA], service level agreement [SLA], etc.)
- Evaluate and monitor the facility security plan to safeguard unauthorized physical access to information, and to prevent theft or tampering
- Establish a preventative program to detect and prevent privacy/security breaches
- Develop, deliver, evaluate, and document training and awareness on information privacy and security to provide an informed workforce
- Educate workforce members on the changes to organizational policies, procedures, and practices related to privacy and security
- Collaborate with appropriate organization officials to verify that information used or disclosed for research purposes complies with organizational policies and procedures and applicable privacy regulations
- Manage appropriate de-identification processes
- Assess and communicate risks and ramifications of privacy and security incidents to a designated organizational leadership, including those by business associates
- Verify that requesters of protected information are authorized and permitted access to the protected health information (PHI)
- Apply the “minimum necessary” standard when creating, documenting, and communicating protected health information (PHI)
- Define HIPAA-designated record sets for the organization in order to appropriately respond to a request for release of protected health information (PHI)
- Identify information and record sets requiring special privacy protections
- Manage disclosures for marketing and fundraising related to protected health information (PHI)
Domain 3 – Information Technology/Physical and Technical Safeguards
Tasks:
- Develop and manage an organization’s information security plan, taking into consideration 45 CFR 164.306
- Manage policies, procedures, and rules to protect the integrity, availability, and confidentiality of communication of health information across networks
- Ensure reasonable safeguards to reduce incidental disclosures and prevent privacy breaches
- Collaborate in the development of a business continuity plan for planned downtime and contingency planning for emergencies and disaster recovery
- Evaluate, select, and implement information privacy and security solutions
- Monitor compliance with the security policies and ensure compliance with technical, physical, and administrative safeguards
- Assess the risk to and criticalities of new information systems which contain protected health information (PHI)
- Assess and monitor physical security mechanisms to limit the access of unauthorized personnel to facilities, equipment, and information
- Assess and monitor technical security mechanisms to control access and protect electronic protected health information (PHI)
- Perform ongoing risk assessments for existing information systems which contain protected health information (PHI)
- Ensure appropriate technologies are used to protect information received from or transmitted to external users
- Manage the process for verifying and controlling access authorizations, authentication mechanisms, and privileges including emergency access
- Identify event triggers for abnormal conditions within a network system (e.g., intrusion detection, denial of service, and invalid log-on attempts)
- Manage the media control practices that govern the receipt, removal, re-use, or disposal (internal and external destruction) of any media or devices containing sensitive data
- Develop and maintain the inventory of software, hardware, and all data to protect information assets and to facilitate risk analysis
Domain 4 – Investigation, Compliance, and Enforcement
Tasks:
- Monitor and assess compliance with state and federal laws and regulations on a routine basis related to privacy and security to update organizational practices, policies, procedures, and training of workforce
- Develop policy and procedure for breach notification
- Establish an incident/complaint investigation process, and develop a response plan to mitigate a privacy or security incident
- Ensure workforce is knowledgeable on how to report a potential privacy or security incident
- Enforce privacy and security policies, procedures, and guidelines to facilitate compliance with federal, state, and other regulatory or accrediting bodies
- Monitor and audit access to protected health information (PHI)
- Perform risk assessment for breach notification
- Coordinate the organization’s response to inquiries and investigations from external entities relating to privacy and security to provide response consistent with organizational policies and procedures within the required timeframe
- Notify appropriate individuals/agencies/media within time frame for breach notification
- Maintain the appropriate documentation for breach notification
Top Recommended Resources, Books, Study Materials for AHIMA CHPS in 2025
Title & Author | Details |
---|---|
CHPS Exam Prep: UPDATED All-in-One Review + 250 Practice Questions by TrustHealth Publishing |
Comprehensive review with 250 practice questions and two full-length tests for the AHIMA CHPS exam. |
Conquer the AHIMA CHPS Exam by Philip Martin McCaulay |
Concise guide to becoming certified in Healthcare Privacy and Security. |
Certified in Healthcare Privacy and Security (CHPS) Exam Preparation by E. Danika Brinda |
Study guide for the CHPS exam (currently unavailable in paperback). |