I know that he has asked the same question of my right hon. Friend the Defence Secretary, and the answer is the same: we do not consider it
appropriate to talk about these
plans in public, but I can assure him that arrangements are in place for any such
contingency.
The HHS checklist offers general, step - by - step guidance for healthcare providers in the event of a security incident that includes: (1) immediately executing response procedures and
contingency plans to fix technical problems to stop a security incident; (2) reporting a security incident to
appropriate law enforcement agencies; (3) reporting all cyber threat indicators to federal and information - sharing analysis organizations; and (4) reporting a breach to the HHS as soon as possible (but no later than 60 days after the discovery of a breach affecting 500 or more individuals).