Incident Response Plan for a Small to Medium Sized Hospital

Most small to medium health care organizations do not have the capability to address cyber incidents within the organization. Those that do are poorly trained and ill equipped. These health care organizations are subject to various laws that address privacy concerns, proper handling of financial inf...

Full description

Saved in:
Bibliographic Details
Published inInternational journal of network security & its applications Vol. 5; no. 2; pp. 1 - 20
Main Authors DeVoe, Charles, M. Rahman, Syed (Shawon)
Format Journal Article
LanguageEnglish
Published 31.03.2013
Subjects
Emergencies
Forensic engineering
Health care
Laws
Materials handling
Networks
Organizations
Risk
Online AccessGet full text
ISSN0975-2307
0974-9330
DOI10.5121/ijnsa.2013.5201

Cover

More Information
Summary:Most small to medium health care organizations do not have the capability to address cyber incidents within the organization. Those that do are poorly trained and ill equipped. These health care organizations are subject to various laws that address privacy concerns, proper handling of financial information, and Personally Identifiable Information. Currently an IT staffhandles responses to these incidents in an Ad Hoc manner. A properly trained, staffed, and equipped Cyber Incident Response Team is needed to quickly respond to these incidents to minimize data loss, and provide forensic data for the purpose of notification, disciplinary action, legal action, and to remove the risk vector. This paper1 will use the proven Incident Command System model used in emergency services to show any sized agency can have an adequate CIRT.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0975-2307
0974-9330
DOI:10.5121/ijnsa.2013.5201