Breach Response Playbooks

When an incident happens, you need a fast, documented response. Compliance AI includes 14 pre-built playbooks for common scenarios. Use them as-is or customize them for your organization.

Available Playbooks

  1. Data Breach (General) — Unauthorized access, loss, or theft of data
  2. Model Compromise — Model weights leaked, model stolen, model poisoned
  3. Training Data Exposure — Training data accidentally exposed
  4. EU AI Act Article 73 Incident — High-risk AI system failure
  5. GDPR Article 33 Breach — Personal data breach requiring 72-hour notification
  6. HIPAA Breach — PHI exposure in healthcare system
  7. CCPA Breach — California resident personal data exposed
  8. Ransomware — Systems encrypted by attacker, recovery plan
  9. Insider Threat — Malicious employee access
  10. Third-Party Vendor Compromise — Vendor security incident
  11. Biometric System Failure — Facial recognition or biometric data exposed
  12. Model Bias Incident — System produces discriminatory decisions
  13. Automated Decision Failure — AI makes catastrophic autonomous decision
  14. Incident Investigation — General incident response framework

How to Use a Playbook

  1. Go to Compliance > Incident Management > [System] > New Incident
  2. Select incident type (see list above)
  3. Choose template playbook
  4. Compliance AI fills in:
    • Incident assessment criteria (is this actually the incident type?)
    • Notification requirements (who to notify, timeline)
    • Investigation steps (collect evidence, root cause)
    • Response actions (remediate, communicate)
    • Post-incident review
  5. Customize based on your organization:
    • Change notification contacts (your DPO, security team, legal)
    • Adjust timeline (72 hours for GDPR, 60 days for HIPAA)
    • Add internal stakeholders
  6. Start incident response

Next Steps