Computer Emergency Response Plan

Version 1.0.0 | Last Updated 2024-03-29 | APPROVED

Purpose

The purpose of this Computer Emergency Response Plan is to outline the procedures and actions to be taken in the event of a computer emergency or security incident at AccuCode AI Inc. This plan is designed to minimize the impact of such incidents on the company’s operations, protect sensitive healthcare data, and ensure the timely restoration of critical systems and services.

Scope

This plan applies to all employees, contractors, and third-party vendors who have access to AccuCode AI Inc.’s computer systems, networks, and data.

Incident Reporting

In the event of a computer emergency or security incident, the following steps should be taken:

  1. Immediately notify the InfoSec team by emailing security@accucodeai.com or calling the Engineering team lead.

  2. Provide a detailed description of the incident, including the date and time it occurred, the systems and data affected, and any actions taken so far.

  3. Do not attempt to investigate or resolve the incident on your own, as this may compromise the integrity of the investigation and recovery efforts.

Incident Response Team

The Incident Response Team (IRT) is responsible for managing and coordinating the response to computer emergencies and security incidents. The team consists of the following members:

  • Chief Technology Officer (CTO)
  • InfoSec Team Lead
  • Legal Counsel

Incident Response Procedures

Upon receiving a report of a computer emergency or security incident, the IRT will:

  1. Assess the severity and scope of the incident.
  2. Contain the incident to prevent further damage or unauthorized access.
  3. Investigate the incident to determine its cause and identify any compromised systems or data.
  4. Develop and implement a recovery plan to restore affected systems and data.
  5. Document the incident, including a timeline of events, actions taken, and lessons learned.
  6. Notify relevant stakeholders, including management, legal counsel, and affected clients, as appropriate.

Incident Severity Levels

Incidents will be classified according to the following severity levels:

  • Level 1 (Critical): Incidents that pose an immediate threat to the confidentiality, integrity, or availability of sensitive healthcare data or critical systems.
  • Level 2 (High): Incidents that have the potential to cause significant damage or disruption to operations, but do not pose an immediate threat to sensitive data or critical systems.
  • Level 3 (Medium): Incidents that have a limited impact on operations and do not pose a threat to sensitive data or critical systems.
  • Level 4 (Low): Incidents that have minimal impact on operations and do not pose a threat to sensitive data or critical systems.

Incident Communication

During an incident, the IRT will provide regular updates to management and affected stakeholders via email, phone, or in-person meetings, as appropriate. The frequency and method of communication will depend on the severity of the incident and the needs of the stakeholders.

Post-Incident Review

After an incident has been resolved, the IRT will conduct a post-incident review to:

  1. Evaluate the effectiveness of the incident response procedures.
  2. Identify areas for improvement in the incident response plan and related policies and procedures.
  3. Develop and implement any necessary changes to prevent similar incidents from occurring in the future.

Plan Maintenance

This Computer Emergency Response Plan will be reviewed and updated annually, or more frequently as needed, to ensure that it remains current and effective. All employees, contractors, and third-party vendors will be trained on the plan and their roles and responsibilities in the event of an incident.