Your Behavioral Health Procedure for Handling Incident Notifications

1. Incident Notification

When an email about an incident on yourbehavioralhealth.com servers is received in the shared mailbox YBH@trofeosolutions.com, the Trofeo system automatically creates a ticket with basic incident details.

Example:

2. Review the Incident

    Open the ticket in Trofeo (or email) and click the provided link to review the incident in Microsoft Security Portal.

Example:

Use the shared account YBH@trofeosolutions.com to access the portal.

Example:

3. Contact the Client

After reviewing the incident details:

    Send an email to confirm the safety of the event with the client representatives.

Email details:

    From: security.operations@trofeosolutions.com

    To: david.chocco@yourbehavioralhealth.com, carleton@oagconsulting.com

    CC: Karen.Kayser@trofeosolutions.com, patsy.pollice@trofeosolutions.com, Greg.Pierce@trofeosolutions.com

    Subject: Trofeo SOC Notification of (Incident Name)

    Body: Trofeo’s Security Operations received and reviewed (Incident Name).

Include a table with the following details (taken from the incident link: https://security.microsoft.com/):

Example:

The letter ends with a request to the client and a signature: If you have any questions, please reply to this email. Thank you. Security Operations.

Example:

4. Document the Email

    Take a screenshot of the sent email.

    Add the screenshot to the Trofeo ticket notes.

Example:

5. Update Ticket Status

    Change the ticket status to Monitoring.

    Wait for a response from the client.

6. Client Response

    When the client confirms the incident is safe (via email), take a screenshot of the response.

    Add the screenshot to the Trofeo ticket notes.

Example:

7. Close the Ticket

    Change the ticket status from Monitoring to Resolved.