ABSTRACT
Todays healthcare environment is competitive enough without an incident interrupting one's organization s operations. Incidents can be expensive to organizations in terms of system downtime, labor costs, fines and penalties, or loss of reputation. Patients can be adversely affected as well, with an incident resulting in delayed or interrupted healthcare delivery, identity theft, or embarrassment from a breach with their patient data. When organizations put forth the effort, they quickly find there are low-cost, high-impact incident response solutions available to them. An incident can be defined as any event, actual or suspected to have occurred, which destroys or degrades the availability, integrity, and confidentiality of information system resources, computer-based systems, computer-maintained data files, documents or procedures. The National Institute of Standards and Technology’s Computer Security Incident Handling Guide is an excellent benchmark to measure against because it is an up-to-date, relevant best practice reference.
