HIPAA · Administrative safeguards
§164.308(a)(6) Security incident procedures
Implement policies and procedures to identify, respond to, mitigate and document security incidents.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST 800-53 · Equivalent · Official mapping · IR-4 Incident handling
Source: HIPAA Security Rule / NIST SP 800-53 Rev. 5
Incident response & breach notification
- DORA · Partial · Curated · Art. 17 ICT-related incident management process
Incident response & breach notification
- DORA · Partial · Curated · Art. 19 Reporting of major ICT-related incidents
Incident response & breach notification
- GDPR · Related · Curated · Art. 33 Notification of a personal data breach to the supervisory authority
Incident response & breach notification
- GLBA · Partial · Curated · §314.4(h) Incident response plan
Incident response & breach notification
- HIPAA · Related · Curated · §164.404 Notification to individuals
Incident response & breach notification
- LGPD · Related · Curated · Art. 48 Communication of a security incident
Incident response & breach notification
- NIS2 · Partial · Curated · Art. 21(2)(b) Incident handling
Incident response & breach notification
- NIS2 · Partial · Curated · Art. 23 Reporting obligations
Incident response & breach notification
- NIST 800-171 · Partial · Curated · 3.6.1 Establish an incident-handling capability
Incident response & breach notification