Salary Survey Extra is a series of periodic dispatches that give added insight into the findings of our most recent Salary Survey. These posts contain previously unpublished Salary Survey data.

Personally identifiable information (PII) tends to draw hackers like nectar draws bees. There are various institutional repositories of PII, such as employment and credit records, but few places have as wealthy a trove of PII as healthcare facilities. For starters, think of everything that you disclose about yourself every time that you fill out one of those forms for new patients.

The importance of protecting medical records is such that cybersecurity professional association (ISC)² developed a certification for cybersecurity workers who specialize in working with medical data. The HealthCare Information Security and Privacy Professional (HCISPP) credential (No. 39 on our most recent Salary Survey 75 list) verifies knowledge of this critically important subset of cybersecurity.

Here’s what the salary picture looks like for HCISPP holders who responded to the Salary Survey:

All U.S. Respondents
Average Annual Salary: $126,010
Median Annual Salary: $127,000
How satisfied are you with your current salary?
Completely Satisfied: 3.7 percent
Very Satisfied: 4 percent
Satisfied: 69.2 percent
Not Very Satisfied: 23.1 percent
Not At All Satisfied: [No responses]

The (ISC)² certification program has a global footprint, but we didn’t hear from enough credential holders living and working outside the United States to formulate good data. So everything we’ve got here applies solely to U.S.-based HCISPP holders.

Cybersecurity as a profession has long been dominated by men, and HCISPP doesn’t precisely buck that trend, but we did hear from notably larger-than-usual chunk of women: 17.9 percent of respondents. On the other hand, it would seems that HCISPP appeals primarily to seasoned professionals. Not a single credential holders than younger than 35 participated in the survey, and just 15.4 percent of those surveyed are between the ages of 35 and 44. Everyone else is either between the ages of 45 and 54 (64.2 percent of respondents) or between the ages of 55 and 64 (38.5 percent).

Nearly 90 percent of HCISPP holders who participated in the survey have an educational background that includes time spent at a college or university. The highest level of formal education completed by most of those surveyed is either a bachelor’s degree (34.6 percent of respondents), master’s degree (46.2 percent), associate’s degree (4 percent), or doctorate (3.7 percent). The outliers are the 7.7 percent of those surveyed who topped out at some level of post-high school technical training and the 3.8 percent who are currently in the process of furthering their education.

A solid 92.9 percent of HCISPP holders who responded to the survey are employed full-time, with 3.7 percent holding part-time employment and 3.4 percent unemployed. Among those who have full-time jobs, most are at work either for the standard 40 hours per week (38.4 percent of respondents) or for between 41 and 50 hours per week (46.2 percent). Everyone else — a hard-working 15.4 percent of those surveyed — is on the clock for more than 50 hours per week.

Security professionals aren’t necessarily tied to a single workplace location. That’s a condition that has become even more pronounced during the ongoing COVID-19 pandemic with just 34 percent of the HCISPP holders we heard from enjoying the master-bedroom-to-kitchen-table commute either fewer than 10 hours per week (26.7 percent), or between 10 and 20 hours per week (7.7 percent). That leaves almost two-thirds of those surveyed who are true homebodies, working from home either between 21 and 30 hours per week (3.8 percent), 40 hours per week (27.2 percent), or more than 40 hours per week (34.6 percent).

In terms of workplace standing, the largest single group of HCISPP holders who participated in the survey, 32.2 percent of respondents, are employed at the director level. The rest, in descending order, are either senior specialists (21.4 percent of those surveyed), managers (14.3 percent), senior managers (10.7 percent), executives (7.3 percent), specialists (7.1 percent), or rank-and-file employees (7 percent).

A bit more than half of the HCISPP holders who participated in the survey are IT veterans, having worked in a role that directly utilizes one or more their certified skills for more than a decade (53.6 percent). The rest have been plying their certified skills for either between zero years (1 to 11 months) and 2 years (3.6 percent), between 3 and 5 years (14.3 percent), between 6 and 8 years (17.8 percent), or between 9 and 10 years (10.7 percent).

Finally, here’s the view of HCISPP holders on key questions from the survey about how certification impacts job performance:

At my current job I use skills learned or enhanced through certification:
Several times a day: 53.5 percent
Several times a week: 28.6 percent
Several times a month: 10.7 percent
Occasionally: 3.8 percent
Rarely: 3.4 percent

Since becoming certified, I feel there is greater demand for my skills.
Strongly agree: 46.4 percent
Agree: 32.1 percent
Neither Agree nor Disagree: 17.9 percent
Disagree: [No responses]
Strongly Disagree: 3.6 percent

Becoming certified has increased my problem-solving skills.
Strongly agree: 25.2 percent
Agree: 46.4 percent
Neither Agree nor Disagree: 24.8 percent
Disagree: [No responses]
Strongly Disagree: 3.6 percent

Becoming certified has increased my workplace productivity.
Strongly agree: 28.8 percent
Agree: 35.7 percent
Neither Agree nor Disagree: 28.3 percent
Disagree: 3.9 percent
Strongly Disagree: 3.3 percent

PAST HCISPP DEEP FOCUS FEATURES

2017

‍