HHS Policy for Rules of Behavior for Use of Information & IT Resources
1. Nature of Changes
Version 1.0: released July 2013. First issuance of policy.
Version 2.0: released December 2016. Added new statements to:
CMS Breach Analysis Team (BAT) Handbook
Introduction
Whenever there is an incident that has potentially compromised the security or privacy of CMS information or information systems, it is investigated by the Incident Management Team (IMT). They assess whether any categories of sensitive data may be compromised. If so, the incident is considered a suspected breach.