Tag Archives | incident response plan

Updated Breach Response Plan for 2015

Have you updated your data breach response plans for 2015? When your organization suspects a data privacy or security incident has occurred, you must act quickly to initiate and manage your response. The process tends to be complex, stressful and “high stakes” given that your customers or patients are affected and your reputation is at […]

Read full story Comments { 0 }

Data Incident Response – You’re Doing it Wrong!

Using a GRC platform, spreadsheet or homegrown system to manage your privacy and security incident response?  You’re doing it wrong!  You need the right tool for the job! About five years ago I walked into a fly fishing shop near me looking for some flies.  At the time I didn’t know much about fly fishing, […]

Read full story Comments { 0 }

Meaningful Use Means Meaningful Risk Assessment and Incident Response Plan

With the ongoing Meaningful Use timeline and the Risk Assessment requirement: “perform a security risk analysis, apply security updates as needed, and remediate any problems that the risk analysis discovers”  more and more organizations are looking into Privacy and Security Risk Assessments and Incident Response Planning and Testing. Rick Kam and Mahmood Sher-Jan, executives at […]

Read full story Comments { 0 }

Health Worker Falls for Phishing Ploy, Causes Data Breach

An employee at the Kentucky Department of Community Based Services (DCBC) fell for the oldest trick in the address book when he/she clicked on a phishing email and exposed the records of 2,500 of his/her fellow employees. “In July, a Cabinet’s Department for Community Based Services (DCBS) employee responded to a phishing e-mail sent by […]

Read full story Comments { 0 }

Privacy and Data Breach Lessons From the Industry

Last week at a gathering of privacy, security, compliance and legal professionals in New York, hosted by AHA and ID Experts, Meredith Philips, the Chief Privacy Officer of Henry Ford Health Systems, spoke about the lessons her organization learn from responding to data breaches.  She told the story of their first notifiable data breach and […]

Read full story Comments { 0 }

Data Breach Tips for the Small Business

Small Businesses are especially vulnerable to data breaches as they usually house lots of data but lack the proper resources to protect and maintain that data.  A large data breach can bring a SMB to it’s knees… just ask the recently bankrupt Impairment Resources. Being protected, through routine risk analysis, being informed, through data audits […]

Read full story Comments { 0 }

Data Breach: Before, During and After

When it comes to minimizing risk before, during and after a data breach, having a proper incident response plan in place, which has been tested and proven, is key.  During a recent AHA webinar it was revealed that 44% of healthcare respondents did not have an incident response plan.  But a good incident response plan […]

Read full story Comments { 0 }

Reorganized privacy, security teams speed data breach response

Healthcare Informatics has a nice article about Henry Ford Health System, a four hospital system in Michigan, and their challenging experiences with data breach response plans.  Meredith Phillips, chief privacy officer for the system, explains a before and after response plan. “Working with ID Experts, HFHS crafted a new approach to breach response. Under the […]

Read full story Comments { 0 }

Many Healthcare Organizations Still Without Data Breach Response Plans

Recently during an AHA webinar on healthcare data breaches the moderators polled to see how many attendees had Incident Response Plans, which are required under the HIPAA security rule, and the results were alarming. 44% didn’t have one, and 22% had one but never tested it, which begs the question, what are they waiting for? […]

Read full story Comments { 0 }