HIMSS CPHIMS Certification Exam Syllabus

A. Healthcare Environment

• A.1 Articulate characteristics and services of different types of healthcare organizations (e.g., hospitals, clinics, ambulatory centers, community health organizations, healthcare payers, regulators, research and academic)
• A.2. Articulate characteristics of interrelationships within and across healthcare organizations (e.g., health information exchange, public, private, continuity of care)
• A.3. Describe the roles and responsibilities of healthcare information and management systems professionals within the organizational structures in which they work
• A.4. Recognize the impact of commonly accepted laws, regulations, accreditation and other state and local rules that govern critical healthcare information and systems management services, including privacy, safety and security (e.g., privacy regulations, pharmacy, environments of care, patient rights) on the healthcare industry
• A.5. Evaluate trends in healthcare technology and implement strategies to improve patient outcomes (e.g., telemedicine, patient portals, wearable devices, population health)

B. Technology Environment

• B.1. Articulate characteristics of applications commonly used in healthcare (e.g., clinical, administrative, financial, consumer, business intelligence)
• B.2. Articulate characteristics of technology infrastructure that support the healthcare environment (e.g., network, communications, data integration, privacy and security)

• A.1. Identify basic clinical vocabulary/terms frequently represented in healthcare informatics (e.g. dosage frequency, dosage routes, body systems)
• A.2. Identify basic healthcare IT vocabulary/terms frequently represented in healthcare informatics
• A.3. Identify basic clinical metrics frequently represented in informatics (e.g., average daily census, turnaround time, adherence, barcode medication administration)
• A.4. Develop and implement system functionality to optimize clinical effectiveness and efficiencies
• A.5. Interpret clinical and operational outcomes through the use of various data analytics tools (e.g., reports, tables, graphs, charts, predictive models)
• A.6. Develop mechanisms to facilitate ongoing clinical content and decision-support tools

A. Analysis

• A.1. Apply appropriate concepts of systems development (e.g., systems development lifecycle or SDLC)
• A.2. Apply and utilize project management methodology components (e.g., needs analysis, gap analysis, defining and prioritizing requirements)
• A.3. Apply appropriate concepts of process improvement (e.g., DMAIC, PDCA)
• A.4. Utilize standard visualization tools to analyze and improve current business and clinical processes (e.g., process mapping, flow diagramming, gap analysis)
• A.5. Interpret and analyze disparate data sets
• A.6. Formulate alternate processes and potential solutions for new or improved applications and/or systems
• A.7. Evaluate if a proposed solution aligns with the organization‘s strategic and operational plans
• A.8. Perform cost-benefit analysis to evaluate impact on issues related to healthcare systems (e.g., customer satisfaction, patient care quality, economics, access to care, business process improvement)
• A.9. Develop proposals that include recommended approaches and solutions, and plans for realizing benefits
• A.10. Analyze and interpret business documentation to promote system changes and/or implementations (e.g., RFPs, RFIs, SLAs, SOWs, NDAs, etc.)

B. Design

• B.1. Ensure interoperability of software, hardware, network components and medical devices
• B.2. Ensure compliance with applicable industry, regulatory and organizational standards
• B.3. Ensure a process exists to incorporate industry, technology, infrastructure, legal and regulatory environment trends
• B.4. Design an information infrastructure that supports current and anticipated business needs (e.g., business continuity, disaster recovery)
• B.5. Evaluate existing and emerging technologies to support organization‘s future growth and strategy
•  B.6. Employ and implement effective data management using an established data governance protocol

C. Selection, Implementation, Support and Maintenance

• C.1. Conduct solution selection activities (e.g., identify organizational stakeholders, demonstrations, site visits, reference
• C.2. Employ effective technical change management practices checks)
• C.3. Identify and execute effective training and support methods (e.g., computer-based learning, classroom training, train the trainer, at-the-elbow support from superusers)
• C.4. Implement solutions while managing scope, schedule, budget, and quality
• C.5. Maintain healthcare information systems (e.g., operate, upgrade)
• C.6. Analyze data for problems and trends (e.g., error reports, help desk logs, surveys, performance metrics, network monitoring)

D. Testing and Evaluation

• D.1. Administer a formal testing methodology (e.g., unit test, integrated test, stress test, acceptance test)
• D.2. Implement and monitor compliance with internal controls to protect resources and ensure availability, confidentiality and integrity during testing (e.g., security audits, versioning control, change control)
• D.3. Validate implementations against contractual terms and design specifications
• D.4. Evaluate that expected benefits are achieved and report metrics (e.g., return on investment, benchmarks, user satisfaction)

E. Privacy and Security

• E.1. Define and implement organizational policies and procedures to ensure confidentiality, privacy, security, availability, and integrity of data
• E.2. Assess and mitigate privacy and security vulnerabilities
• E.3. Define and implement user access controls according to established policies and procedures
• E.4. Assess and implement physical, technical, and administrative controls to ensure safeguards are in place to protect assets (e.g., servers secured, unattended computers, two factor authentication)
• E.5. Define organizational roles responsible for managing vulnerabilities (e.g., information security, physical security, compliance)
• E.6. Develop and implement data management controls (e.g., data ownership, criticality, security levels, protection controls, retention and destruction requirements, access controls)
• E.7. Validate on an ongoing basis the security features of existing systems

• A.1. Contribute to organizational strategic planning (e.g., measure performance against organizational goals)
• A.2. Assess the organizational environment (e.g., corporate culture, values and drivers)
• A.3. Forecast technical and information needs of an organization by linking resources to business needs
• A.4. Develop and implement an IT strategic plan and departmental objectives that align and support organizational strategies and goals
• A.5. Evaluate performance (e.g., SLAs, goal/performance indicators, systems effectiveness)
• A.6. Evaluate effectiveness and user satisfaction of systems and services being provided
• A.7. Promote stakeholder understanding of information technology opportunities and constraints (e.g., business and IT resources, budget, project prioritization)
• A.8. Develop policies and procedures for information and systems management
• A.9. Comply with legal and regulatory standards
• A.10. Understand and comply with the organization‘s ethical business principles 
• A.11. Employ comparative analytics (e.g., indicators, benchmarks)
• A.12. Prepare and deliver business communications (e.g., presentations, reports, project plans)
• A.13. Facilitate group discussions and meetings (e.g., consensus building, conflict resolution)
• A.14. Provide consultative technology services to the organization
• A.15. Develop educational strategies for the information and management systems function
• A.16. Maintain organizational competencies on current IT technologies and trends
• A.17. Apply effective risk management to internal and external processes (e.g., risk assessment, risk mitigation)
• A.18. Maintain effective and ethical working relationships with internal and external stakeholders (e.g., clinicians, vendors, partners)
• A.19. Present interpretations and recommendations of data analyses to decision makers A.20.Employ organizational change management techniques in support of solution implementation
• A.21. Define roles, responsibilities and job descriptions for healthcare IT functions
• A.22. Evaluate staff competency in information and management systems skills
• A.23. Manage projects and portfolios of projects
• A.24. Manage contractual agreements with vendors and partner (e.g., contract cost, schedule, support, maintenance, performance)
• A.25. Manage budget and financial risks