The organization must define and document a procedure to deal with security events.
HIPAA Security Rules 164.308(a)(1)(i): Security Management Process: Implement policies and procedures to prevent, detect,contain, and correct security violations.
HIPAA Security Rules 164.312(a)(2)(ii): Emergency Access Procedure: Establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency.
Start with Fluid Attacks
We are a proud corporate member of the OWASP Foundation