Review the case

Introduction

Dot is a popular health management app that tracks health information for its users.

 

Business situation

It recently experienced a cyber attack where hackers were able to find out users’ names, passwords, upcoming medical appointments, and determine what health care provider each user had.

 

Problem statement

Vivian is the current CISO of Dot and is extremely worried about this news breaking to the general public. She called in Deloitte for guidance on how to respond and better prepare against similar attacks in the future.

Question 1

{{Question01}}

A: Confirm scope and type of the data breached (e.g. quantity, from which systems)

A: Confirm scope and type of the data breached (e.g. quantity, from which systems)

B: Understand if any system tests and analysis have been performed to ensure the breach is still not ongoing.

B: Understand if any system tests and analysis have been performed to ensure the breach is still not ongoing.

C: Status on any breach notification process to users (mandated in some jurisdications, CCPA, GDPR, HIPAA)

C: Status on any breach notification process to users (mandated in some jurisdications, CCPA, GDPR, HIPAA)

BackContinue
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see 
www.deloitte.com/us/about
 for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
Copyright © {{CurrentYear}} Deloitte Development LLC. All rights reserved.