Breach Response

Post Breach Response Program

 

clock

 

Upon notification of a breach occurring, time will either be your friend or your enemy. 46 states have enacted new breach notification requirements each having certain deadlines to meet. When missed, fines, fees, and penalties begin to grow.

Having a resource to call and a plan in place will limit chaos and speed up the recovery process that will enable your organization to get back to what it does best, healthcare.

There are two main things to keep in mind when the time comes to respond to a data breach:

  1. Speed and planning- the faster and more organized you are, the less damage there will be to repair.
  2. As all audits require, documentation is critical. Everything from dates and times of occurrence to all individuals involved.

Upon discovery of a breach, IDTSOA will assist your hospitals task force with the following:

  1. Identifying the cause
    • Physical/Electronic/Type of data
  2. Documentation of the breach
    • Checklist and audit trail
  3. Discovery of the lost/stolen data *
    • IT Analysis/forensics…
  4. Notification to affected Individuals *
    • Custom Mail/Letters/Email/Website
  5. Annual credit monitoring for victims (When chosen by facility) *
    • Custom Base product offering starts at .50/mo. per identity
    • More comprehensive offerings available as well
  6. Corrective measures plan
    • Customized Annual updates to policy and training as needed

* Existing DBPP (Data Breach Prevention Program) clients will receive a substantially reduced rate for the additional fee based services chosen above.

Whether you are already facing a breach or you need assistance in creating a plan to be proactive, IDTSOA has the expertise and resources to becoming your partner.

Your particular program must be tailored to your facilities size, complexity, and nature of its operation.

The suggestions and laws discussed in this response plan are, like most laws, routinely amended and interpreted through legal and social challenges. You are encouraged to review the program and requirements and draw your own conclusions through independent research and counsel.