Email analysis to support timely data breach response and notification requirements

Oct 4 2019

eMerge analyzed the contents of email mailboxes that may have been accessed during a data breach incident to timely identify whether any personally identifiable information was exposed that may trigger the notice requirements of multiple state and federal agency regulators. Our active consulting role included getting to know our client and its data and coordinating with breach counsel to defensibly reduce the volume of data requiring manual review.

By taking on more aspects of the process, including tasks that may traditionally be performed by a forensics vendor (applying search terms) or breach counsel (using technology to refine notification list and make final review calls), we accurately, defensibly, and cost-effectively helped our client identify the necessary notice recipients within the required time frame.

The Challenges

• Aggressive deadlines for notice requirements that do not consider complexity and volume of data to be analyzed
• Numerous stakeholders to coordinate including client, breach counsel, forensic investigation team, notice vendor, and insurer
• Constantly evolving scope of review as forensic team continued investigation
• Large spreadsheets of customer data
• Lack of standard forms used for intake of customer data

eMerge Solutions

eDiscovery Strategy

• Leveraged knowledge of client’s business, industry, and data analytics to prioritize data likely to contain PII and to cull data not likely to contain PII
• Used early case assessment tools to refine search terms and file type analysis to remove data from manual review
• Identified high risk documents containing PII, and used technology-assisted review and categorization to isolate similar documents for priority review and extraction of required notification details

Managed Review

• Project management and high-level strategic consulting to harmonize multiple review tracks, including technology-assisted review, advanced legal review, linear review, notice element data entry, and quality control

Advanced Technology

• Leveraged proprietary workflows and technology for drafting final notification list to reduce manual data entry
• Applied custom technology to generate fielded export so that breach counsel could analyze potential notification data sets and cull and sort data as needed
• Used automated redaction tools and repeated content filters to isolate PII