Incident Response for Small Healthcare Organizations
Build an IR capability sized to a clinic or small hospital: a plan aligned to NIST SP 800-61 Rev. 3, the HIPAA Breach Notification clock, the calling order (counsel, carrier, responder), and a tabletop you can run yourself.
Early-access pricing — final pricing set at launch. Secure checkout via Stripe.
Who this is for
Practice administrators, IT leads, and compliance officers who own the first hour of an incident
What you walk away with
- An IR plan structure aligned to 800-61 Rev. 3's CSF 2.0 lifecycle
- A regulatory-clock map: HIPAA §§164.404–408, your states, your carrier
- The one-page calling-order decision tree
- A tabletop scenario kit you can run quarterly without a facilitator
Curriculum
Module 1
The Plan That Works
800-61 Rev. 3's restructured lifecycle, severity tiers that fit a small org, and the roles that exist even when the team is three people.
- 30 min
The Rev. 3 Lifecycle
Structure a plan around CSF 2.0 functions instead of the 2012 phase model.
- 25 min
Severity Tiers and Tiny-Team Roles
Define incident severity and role assignments that survive a three-person reality.
Module 2
The Clocks and the Calls
Breach-notification timing (45 CFR §§164.404–408), state overlays, insurance panel requirements, and who you call first.
- 30 min
The Regulatory Clock
Map every notification deadline that applies to your organization before you need it.
- 20 min
The Calling Order
Build the counsel → carrier → responder decision tree with names and numbers.
Module 3
Practice Under Pressure
The self-run tabletop: scenarios worth rehearsing, why too-easy exercises are worse than none, and turning findings into plan revisions.
- 35 min
Running Your Own Tabletop
Facilitate a quarterly tabletop from the scenario kit and capture findings that change the plan.
- 20 min
After-Action Into the Plan
Close the loop: lessons-learned discipline that keeps the plan alive between incidents.
Early-access pricing — final pricing set at launch. Secure checkout via Stripe.