> ## Documentation Index
> Fetch the complete documentation index at: https://docs.veridianhp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Incident response

> How Veridian Health Partners handles security incidents affecting Veridian Motion.

# Incident response

Veridian Health Partners maintains an incident response process for events
that could affect the security, integrity, or availability of **Veridian
Motion** data. This is a public summary; detailed runbooks are available to
customers under agreement.

## Detection

* Automated monitoring on authentication, API errors, and infrastructure health
* Anomaly alerting on unusual access patterns
* Customer reports via support channels
* Responsible disclosure to [security@veridianhp.com](mailto:security@veridianhp.com)

## Severity levels

| Level     | Examples                                                  |
| --------- | --------------------------------------------------------- |
| **SEV-1** | Confirmed unauthorized PHI access; production-wide outage |
| **SEV-2** | Suspected PHI exposure; major degraded performance        |
| **SEV-3** | Single-agency impact, no confirmed PHI exposure           |
| **SEV-4** | Internal issue, no customer impact                        |

## Response phases

1. **Detection** — alert or report received
2. **Triage** — scope and severity confirmed
3. **Containment** — revoke credentials, block access, isolate affected systems
4. **Eradication** — remove root cause
5. **Recovery** — restore service, verify integrity
6. **Post-incident review** — root cause, corrective actions, customer summary

## Customer notification

For **SEV-1 and SEV-2 incidents involving agency data**, Veridian notifies the
agency contact on file as soon as useful information is available — typically
within hours of containment, not after full investigation.

Incidents that may constitute a **breach of unsecured PHI** under HIPAA follow
Breach Notification Rule timelines (45 CFR § 164.410) for notifying the
covered entity.

## Agency obligations

When notified, agencies should acknowledge, provide scope information, and
cooperate on **patient** notification if required.

## Testing

Veridian runs periodic drills covering technical and communication paths.

## Reporting vulnerabilities

Email [security@veridianhp.com](mailto:security@veridianhp.com). We acknowledge
within one business day. Do not test against production PHI; use pilot
environments with synthetic data.

## What's next

<CardGroup cols={2}>
  <Card title="Security overview" icon="shield-check" href="/security/overview">
    Full posture summary.
  </Card>

  <Card title="HIPAA" icon="user-shield" href="/security/hipaa">
    BAA and breach framing.
  </Card>
</CardGroup>
