A GRReat framework for incident response in healthcare

This research seeks to examine the use of Google Rapid Response (GRR) in the healthcare setting and the general necessity for a more in-depth approach to malware incident response in healthcare organizations in general. GRR is a scalable framework that allows for data to be gathered from many machines at once, through multiple clients, single server architecture, in order to detect incidents of malware or malicious activity. With the increase in malware incidents and the sensitivity of healthcare data, it is important to make sure this information is secure. GRR is examined for its uses in the detection of malware, along with its meeting of HIPAA requirements such as privacy and the detection and notification of breaches (security being handled through the detection of this malware). It was determined that GRR has some great potential within this field, albeit it has some flaws and limitations that should be accounted for before implementing it within a healthcare organization. The biggest issue is making sure that the access control and privacy settings are correctly implemented to prevent a breach of information from GRR itself, due to the power of this tool to allow great access to any of the client computers connected to it.