Every healthcare organisation faces risk — clinical, legal, financial and operational — and someone has to manage it. The CPHRM (Certified Professional in Healthcare Risk Management) is the credential that defines expertise in doing exactly that. This guide explains what the CPHRM is, who awards it, what the exam covers, who's eligible, and why healthcare risk management is a growing and valued specialty across the region.
What is the CPHRM?
The CPHRM is awarded by the American Hospital Association (AHA) through its Certification Center, and it's closely associated with ASHRM (the American Society for Health Care Risk Management). It certifies that you can identify, assess and manage the full spectrum of risks a healthcare organisation faces — protecting patients, staff and the institution from harm and liability. Risk management sits at the intersection of clinical safety, law, finance and operations, and the CPHRM validates competence across all of them.
The CPHRM exam
The CPHRM is a computer-based, multiple-choice exam.
| Element | Detail |
|---|---|
| Questions | 110 multiple-choice questions (100 scored, 10 unscored pretest) |
| Time | 2 hours |
| Cost | approx. $425 |
| Validity | 3 years (renewed via continuing education) |
The five content domains
The exam covers five domains spanning the breadth of healthcare risk:
| Domain | Approx. weight |
|---|---|
| Clinical / patient safety | 25 scored questions |
| Legal and regulatory | 20 scored questions |
| Healthcare operations | 20 scored questions |
| Claims and litigation | 20 scored questions |
| Risk financing | 15 scored questions |
The breadth is the point: a risk manager must be conversant in clinical safety and law and finance and operations. Confirm the current content outline and weightings in the AHA candidate handbook.
Who is eligible for the CPHRM?
Eligibility combines education and healthcare experience. Broadly, candidates qualify through combinations such as a bachelor's degree plus around five years of healthcare experience, an associate degree plus about seven years, or a high-school diploma plus roughly nine years — typically alongside experience in healthcare risk management. Confirm the exact current requirements with the AHA before applying.
Why healthcare risk management matters
As healthcare grows more complex and regulated — and as accreditation frameworks like CBAHI, GAHAR and JCI demand robust risk management — the need for skilled risk professionals rises with it. Risk management is where patient safety meets legal protection and financial stewardship, making it a strategically important, well-regarded and durable career. The CPHRM is the credential that opens it.
It complements other quality credentials neatly: a CPHQ for broad quality, a CPPS for safety depth, and the CPHRM for the risk dimension. Together they cover the full landscape of protecting patients and organisations.
Ready to specialise in healthcare risk management? IMETS helps you prepare for the CPHRM with practical, bilingual training — explore the program.
Where risk management fits in a healthcare organisation
Healthcare risk management is often misunderstood as purely an insurance or legal function. In reality it's a bridge discipline that connects clinical safety, law, finance and operations. A good risk manager works with patient-safety teams on preventing harm, with legal on claims, with finance on risk financing and insurance, and with operations on day-to-day exposures. The CPHRM's five domains mirror exactly this breadth — which is why the role suits people who enjoy working across silos rather than deep in one.
How to prepare for the CPHRM
The CPHRM's breadth is its challenge: few candidates are equally strong in clinical safety, law, finance and operations. Effective preparation means honestly identifying your weakest domain — often risk financing for clinicians, or clinical safety for administrators — and giving it extra time. Work from the AHA's current content outline, use quality practice questions across all five domains, and connect the concepts to real situations in your organisation.
Frequently Asked Questions
Who awards the CPHRM certification?
The American Hospital Association (AHA), through its Certification Center, awards the CPHRM. It is closely associated with ASHRM, the American Society for Health Care Risk Management.
What does the CPHRM exam cover?
Five domains: clinical/patient safety, legal and regulatory, healthcare operations, claims and litigation, and risk financing — 110 questions (100 scored) in 2 hours.
What are the CPHRM eligibility requirements?
Combinations of education and healthcare experience — for example a bachelor's plus about five years, an associate plus about seven, or a high-school diploma plus about nine — typically with risk-management experience. Confirm with the AHA.
How long is the CPHRM valid?
Three years, renewed through continuing education. Confirm current recertification requirements with the AHA.
Prepare for the CPHRM with IMETS
View the Quality Management Diploma