MUSC Policy: Information Security - Incident Response

 TITLE: Information Security  ID:
 ORIGINATOR: Information Security Office  DATE: Jan 5, 2005
 REVIEWED: President's Council  DATE: Feb 16, 2005
 APPROVED: Raymond S. Greenberg, MD, PhD  DATE: Feb 16, 2005
 IMPLEMENTATION: Enterprise-wide  DATE: Feb 16, 2005

1. RATIONALE

Please refer to "MUSC Information Security Rationale: The Need for Safeguards" for an overview of the legal and ethical considerations that have motivated the development of this policy. The following laws and regulations have particular relevance:

HIPAA Security: 164.308(a)(6)(i) Standard: Security incident procedures
HIPAA Security: 164.308(a)(6)(ii) Response and Reporting
FTC Safeguards Rule: 314.4(3)

2. POLICY

Because not all information security incidents can be prevented, MUSC requires an incident response capability that achieves these goals:

3. PROCEDURES

3.1. Definitions

Refer to MUSC Policy: Information Security: Appendix A.

3.2. Assigned Responsibilities

3.2.1. CSIRT

MUSC's Computer Security Incident Response Team (CSIRT) is responsible for:

In concert with MUSC management and the Owner(s) of affected System(s), the CSIRT ensures a coordinated response, involving the Enterprise ISO, the appropriate Entity IACO(s), IT support, Legal Counsel, Public Relations, Human Resources, Risk Management, Public Safety, and Engineering and Facilities resources needed to resolve each incident.

3.2.2. Workforce Members

Each MUSC workforce member is required to ensure that any known or suspected incident is promptly reported to the CSIRT. Incidents may be reported 24x7x365, using the procedures documented in the Computer Security Incident Reporting Procedures.

3.3. Sanctions

Refer to MUSC Policy: Information Security: Sanctions.

3.4. See Also

MUSC Computer Use Policy
MUSC Policy: Information Security
Computer Security Incident Reporting Procedures

4. ACCESS

This policy will be maintained and published electronically by the Information Security Office. This policy is a public document and there are no restrictions on its distribution.