Medical Group Management Association
Join Now

Incident Response Plan Checklist

Member Tool - June 17, 2021


Compliance Regulations

HIT Regulations

An incident response plan allows practices to respond quickly and appropriately to information security incidents. An incident response plan and procedures must be tested at least annually and updated as needed to comply with industry standards.

  • An “event” is an observed change in normal behavior of the system, environment, process, workflow or personnel.
  • An “incident” is a violation or possible violation of computer security policies and procedures that could jeopardize the integrity, confidentiality or availability of information resources or operations. The incident may or may not lead to a negative adverse event.
The National Institute of Standards and Technology ( has numerous resources and templates to help develop cybersecurity policies and procedures. The SANS Institute ( offers industry training and resources on cybersecurity, and the Cybersecurity & Infrastrcuture Security Agency (CISA, has pertinent information on cybersecurity essentials as well.

Sign in to access this material

Member Login Become a Member

About the Author

Cristy Good
Cristy Good MPH, MBA, CPC, CMPE
Sr. Industry Advisor MGMA

Shopping Cart

Your cart is empty

Click here if your organization is tax exempt

A State Sales tax exempt certificate must be on file and taxable items cannot be ordered online. For immediate assistance during normal business hours of 7:00am to 5:00pm MT M-Th and 7:00 am to Noon MT on Friday, please call toll-free: 877-275-6462, ext. 1888



Use two letter code for US states
Use three letter code for country
Use two letter code for US states
Use three letter code for country
Use two letter code for US states
Use three letter code for country

Grand Total:
Saved credit card is required for opt-in to autorenew.

Questions? Contact the MGMA Service Center for assistance during checkout or review our return policy for more information.




Thank you for your purchase! If you purchased an event, you will be receiving a follow-up email from our Learning Management System regarding the product/event purchased and no further action is required.