Works with all organization personnel involved with any aspect of release of protected health information

Works with all organization personnel involved with any aspect of release of protected health information, to ensure full coordination and cooperation under the organizations policies and procedures and legal requirements.

Provide incident response training to users consistent with assigned roles and responsibilities within of assuming an incident response role or responsibility, when required by system changes and thereafter. Work with personnel exposed to information not within assigned access authorizations. Security safeguards include, making personnel exposed to spilled information aware of the federal laws, directives, and/or regulations regarding the information and the restrictions imposed based on exposure to such information. Provide incident response support resource, integral to the incident response capability that offers advice and assistance to users of the information system for the handling and reporting of security incidents.

Employ automated mechanisms to more thoroughly & effectively test the incident response capability. Response is generally based upon the degree of sensitivity of the spilled information, the security capabilities of the system, the specific nature of contaminated storage media, and the access authorizations of individuals with authorized access to the contaminated system.

Source :
http://ecfirst.com/myecfirst/wp-content/uploads/NIST_SP800-53_QRC_2015.pdf