Create an incident response policy for a health care organization.

CREATE AN INCIDENT RESPONSE POLICY

Look for at least two incident response policies for organizations of a similar type to your organization. In addition, download NIST “Computer Security Incident Handling Guide, rev 2” SP800-61 located at http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf.  Based on your research, create an initial draft of an incident response policy for your organization. Consider HIPAA and other health care–related compliance requirements. Create a summary report that justifies the content you included in the draft policy. Reference your research so that one may add or refine this report before submission to senior management. Prepare a two (2) page, double-spaced document using Times New Roman 12 point. Post finished document in iLearn by the due date in the syllabus.

Assignment 3 Create an Incident Response Policy

Learning Objectives and Outcomes

· Create an incident response policy for a health care organization.

· Explore policy creation for incident response for a health care organization.

Scenario

You work for a large, private health care organization that has server, mainframe, and RSA user access. Sean, your manager, has been asked to provide the latest version of the organization’s incident response policy. To his knowledge, no policy exists. He has asked you to research and create an incident response policy over the weekend.

Assignment Requirements

Look for at least two (2) incident response policies from other organizations of a similar type to your organization. In addition, download NIST “Computer Security Incident Handling Guide, rev 2” SP800-61 located at http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf.

· Based on your research, create a detailed draft incident response policy for your organization.

· Consider HIPAA and other health care–related compliance requirements.

· Create a summary report that justifies the content you included in the draft policy.

· Reference your research so that Sean may add or refine this report before submission to senior management.

· Describe clear compliance requirements from HIPAA and two (2) other related compliance sources. Sources are used to justify compliance requirements in policy.

· Include and cite at least three (3) examples of similar incident response policies from other health care organizations. Also cite use of NIST SP 800-61 as well.

· Assignment is worth 100 points.

Required Resources

· Access to the Internet

Minimum Submission Requirements

· Format: Microsoft Word

· Font: Times New Roman 12 point

· Citation Style: APA

· Length: two (2) pages, double-spaced, left justified