SECURITY & SECURITY BREACH INSTRUCTIONS
If you are a vendor of San Andreas Regional Center and sensitive/confidential information was stolen, the following forms need to be completed and submitted to San Andreas Regional Center firstname.lastname@example.org ASAP:
1. Security incident report.
2. Police Report # that was filed.
In addition to this report, you must submit a special incident report for each affected consumer. We’ll need to know what the corrective actions for the Vendor are? (e.g. is there a policy in place about leaving PHI in an unattended vehicle?). We will also required a “redacted” copy of (1x) of the letters that have gone out to each person who may have been affected by the breach. Here are some sample letters for you to consider. ISO – SIMM 65D – TEMPLATE Letter Samples
Best Practices for Protecting Confidential, Sensitive and Personal Information All service providers should review the Program Advisory from the Department of Developmental Services (DDS) regarding best practices for protecting confidential, sensitive, and personal information, regardless of format (i.e. electronic or paper).
>> View the memo from the SARC
Agency Information Security Incident Report Instructions and Form Please read the Agency Information Security Incident Report Instructions and complete the Agency Information Incident Report posted below in the event of a security breach. We are also posting the California Office of Information Security & Privacy Protection’s “Privacy Protection Recommendations: What to do if your personal information is compromised.” Questions? Please call (818) 756-6116.
Security Breach Sample Breach Notices