What is your Incident Response Plan? If you said “Oh, we’ll just call IT,” then you need to listen to this podcast. We will review the October 2022 OCR Newsletter that discusses nine procedures that entities should consider including in the incident procedures.
In this episode:
9 Incident Response Procedures – Ep 381
Today’s Episode is brought to you by:
Kardon
and
HIPAA for MSPs with Security First IT
The Privacy and Security Boot Camp
3.5 day In Person Event
Mar 12, 13, 14 and 15, 2023
PriSecBootCamp.com
HIPAA Say What!?!
[03:07] “Ding Dong” — FTC-Drizly Data Breach Settlement Will Follow CEO Personally for a Decade | Mintz
Say what? The very first paragraph reads:
Wow! The article goes on to list the information security issues from the FTC complaint. I want to point out that these same issues are required under HIPAA as well. Basically, the FTC has put Drizly on a 20-year CAP. And you thought a 2-year CAP from OCR was outrageous.
9 Incident Response Procedures
[09:29] October 2022 OCR Cybersecurity Newsletter
The newsletter includes a lot of information explaining the importance of incident response plans and the regulations that require entities to have them. The section we feature in this episode discusses the procedures that entities “should consider including” in their incident procedures. That part comes after OCR points out that stopping and neutralizing the attack must come first and foremost in your plan. Many assume that is all an incident plan is, and they are missing a bunch of other things needed. So here are the 9 procedures identified by OCR that you should “consider,” wink, wink.
Responding to security incidents
- Designating appropriate personnel (qualified internal resources and/or external third parties) to be members of the security incident response team
- A communication plan and contact information for notifying all members of the security incident response team, and others as required (e.g., management) when a security incident occurs
- Processes to identify and determine the scope of security incidents
- Instructions for managing the security incident
- Creating and maintaining a list of assets (computer systems and data) to prioritize when responding to a security incident
- Conducting a forensic analysis to identify the extent and magnitude of the security incident
- Reporting the security incident to appropriate internal and external entities (e.g., the regulated entity’s IT and legal departments, local FBI Cyber Task Force Field Office, federal and state regulatory authorities, and other individuals or entities as required)
- Processes for collecting and maintaining evidence of the security incident (e.g., log files, registry keys, and other artifacts) to determine what was accessed during the security incident
- Processes for conducting regular tests of the security incident response process
So, that is their list of things to consider. We know what that means.
Here’s the thing: you don’t know what you don’t know. Creating an incident response plan may seem complicated, but you have to start somewhere. Start by creating your team, then go through the list we reviewed, start documenting, create the plans, and then work to keep them up to date.
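Procedure 8 on the OCR list (collecting and maintaining evidence such as log files and registry keys) is the one most teams improvise during an incident. As an added example, not from OCR or the podcast, here is a small hash-based evidence manifest in Python: each collected artifact is hashed as it is collected, who collected it and when is recorded, and the manifest can later show whether any artifact changed. The incident id, analyst name and artifact contents are constructed placeholders.

```python
"""Evidence manifest for OCR procedure 8 (collect and maintain incident evidence).
Added example; the incident id, collector and artifact contents are constructed."""
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

def sha256_file(path: str) -> str:
    """Stream the file so large logs do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(paths, incident_id: str, collector: str) -> dict:
    """Record who collected which artifact, when, its size and its SHA-256."""
    return {
        "incident_id": incident_id,
        "collector": collector,
        "collected_at": datetime.now(timezone.utc).isoformat(),
        "artifacts": [
            {"path": p, "size": os.path.getsize(p), "sha256": sha256_file(p)}
            for p in paths
        ],
    }

def verify_manifest(manifest: dict) -> list:
    """Return the paths whose current hash no longer matches the manifest (missing files count)."""
    return [a["path"] for a in manifest["artifacts"]
            if not os.path.exists(a["path"]) or sha256_file(a["path"]) != a["sha256"]]

def demo() -> tuple:
    """Constructed artifacts in a temp dir: a clean check, then a check after one file is altered."""
    d = tempfile.mkdtemp()
    log = os.path.join(d, "auth.log")            # constructed log artifact
    reg = os.path.join(d, "run_key.reg")         # constructed registry export
    with open(log, "w") as f:
        f.write("Oct 21 03:07:11 srv1 sshd[412]: Accepted password for svc_backup\n")
    with open(reg, "w") as f:
        f.write("[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]\n")
    m = build_manifest([log, reg], incident_id="INC-EXAMPLE-001", collector="analyst@example")
    with open(os.path.join(d, "manifest.json"), "w") as f:
        json.dump(m, f, indent=2)  # store the manifest apart from the evidence in practice
    clean = verify_manifest(m)
    with open(log, "a") as f:
        f.write("tampered\n")     # simulate an artifact changing after collection
    return clean, verify_manifest(m), log
```

Run `demo()`: the first check returns an empty list, the second names only the altered log.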
Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!
HIPAA is not about compliance, it’s about patient care.™
Special thanks to our sponsors Security First IT and Kardon.