Recently during an AHA webinar on healthcare data breaches the moderators polled to see how many attendees had Incident Response Plans, which are required under the HIPAA security rule, and the results were alarming. 44% didn’t have one, and 22% had one but never tested it, which begs the question, what are they waiting for?
“Although the response is positive compared to five years ago – it was rare to find an organization with a data breach IRP in place, much less one that was tested – but the overall adoption rate still remains low.”
Rick Kam of ID Experts goes on to give some advice as to how to approach building and testing your organizations Incident Response Plan. You can read the whole article here.