Data Breach Analysis
Arete’s powerful analytics help clients rapidly and cost-effectively identify and report on sensitive or regulated data that may have been compromised or stolen.
Data Breach Analysis
Theft or compromise of sensitive or regulated data may trigger compliance requirements for victim businesses. For cyberattacks where sensitive data may have been accessed or exfiltrated, Arete provides clients with a means of quickly identifying and reporting on potentially compromised data across Office 365, Amazon, Google, SQL, and local storages.
Unlike traditional document review vendors, we understand the unique requirements of a sensitive data review in the context of a breach. Our dedicated analysts employ powerful artificial intelligence and machine learning tools to quickly comb through systems to identify and extract relevant personally identifiable information (PII) and protected health information (PHI), giving your legal counsel the confidence in making data-informed decisions for compliance obligations and breach notifications.
Director, Data Breach Advisory
- Intake/check-in data for processing.
- Execute data processing with global de-duplication to extract text and metadata.
- Index and prepare full data population for advanced searching.
- Execute PII/PHI search terms across the full data population and produce search term report as part of programmatic review.
- Identify number of non-searchable files for manual review.
- Align on final document count for manual review post-searching.
- Perform first pass review of all records identified for manual review to make initial determination on whether PII/PHI is present.
- After subset of records are identified containing PII/PHI, second pass review commences to manually extract data elements, such as names, addresses, SSNs, DOBs, financial information, PHI.
- For certain file types, such as Excel or CSV, programmatic extraction methodologies are applied to extract out information automatically rather than manually.
- Generate notification list based on extractions during second pass review, including a report listing individual names and data elements requiring potential notification.
- Perform de-duplication of entries where individual is clearly the same person based on data elements, such as SSN and DOB.