HHS has published a very brief guide, in the form of a checklist, to explain the steps for a HIPAA covered entity or business associate to take in response to a cyber related security incident.  You can access the checklist at this link:

Cyber Related Security Steps