Incidents Overview

Modified on Tue, 19 Nov at 6:30 PM

Incidents


IMPORTANT: Functionality for Incident Reporting is also now contained in the Admin Module. Please see the Admin Module Overview knowledge base article for more details.



The Incident Module allows an Organization to manage the Incident Reporting/Response requirements from within The Guard.


TABLE OF CONTENTS


Creating and Managing an Incident


Creating a New Incident 

  1. Creating a New Incident

    1. Navigate to the Incidents module.

    2. Select + Add Incident.

    3. Fill in the following fields:

      • Incident Title: Provide a name for the Incident.
      • Location: Select the location affected by the Incident. (If the organization has only one location, select it.)
      • Vendor Reported: If the Incident involves a Vendor, select the Vendor from the dropdown menu. Note: The Vendor must first be created in the Vendor Module.
      • Reported By: Identify the person reporting the Incident. Reporting can also be done anonymously.
      • Incident Type: Choose a preexisting Incident Type provided by The Guard that best fits the scenario. If no suitable type exists, select “Other” and manually enter the type of Incident.
      • Incident and Discovery Date:
        • Incident Date: The date the Incident occurred.
        • Discovery Date: The date the Incident was discovered or when the Organization was made aware of it.
      • Incident Affected More than 500 Members: If the Incident impacted more than 500 individuals, check this box. Note: This may affect breach notification requirements (see policies) if unsecured PHI is involved.
    4. The Description field is optional and not required to save and create a new Incident. This field can be updated and revised continuously as the investigation progresses.


After an Incident is created selecting an incident from the table opens the Incident Details where Investigation, Notes, and Evidence fields are available to update as the investigation progresses. Additionally, by selecting + Add Task  team members can be assigned tasks to support the investigation process.


You can adjust the Incident’s Status from the Incidents module by:

  • Using the checkboxes on the left-hand side and then using Bulk Actions dropdown.
  • Selecting the Ellipsis (•••) on the right-hand side of an Incident.

Incident Statuses

  • Not Verified: All Incidents are assigned this status by default.
  • Under Investigation: Changes the status for selected Incidents to Under Investigation. This indicates that the Organization is actively investigating the Incident/Breach and making updates.
  • Verified: Marks the selected Incidents as Verified. This status is a middle-ground between Under Investigation and Completed.Note: Marking an Incident as Verified does not affect the Incident itself but can help manage multiple Incidents.
  • Completed


Filters can be applied to the table to view incidents by Location, Type, All Affected (500 or more) and Investigation Status.






Related articles:


Completing The Breach Determination Assessment Form

Job Aid for Analysis of Security of PHI

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article