EDRM Blog

Nickl and Evans on the Differences between Data Breach and Litigation Reviews

Guy with apple and orangeRalph Nickl, CEO of Canopy Software, an EDRM Partner, and eDiscovery expert, Brian Evans, recruited by Lighthouse after over a decade at Norton Rose Fulbright, are publishing a three part series entitled, 9 Differences between Data Breach and Litigation Reviews. While many believe that eDiscovery systems and processes can be leveraged for data breach reporting without changes, Ralph and Brian give us the benefit of their experience in both domains.

For a data breach review, utilizing common litigation approaches like search terms and regular expressions results in enormous false positives to review and, based on case studies, will miss key documents containing reportable data.

Read Part 1  on the Canopy website.

Continuing their three part series, Nickl and Evans compare the personnel required for a review, with the first pass focused on identifying protected information, and attorneys focusing on deciding whether the information is reportable.

Deliverables are different between breach and litigation reviews:

A litigation review delivers a list of relevant documents corresponding to issues that tell a story. In contrast, a data breach review compiles a de-duplicated list of all affected individuals, their affected protected data elements, and contact information. This list provides information for the attorney to make decisions on reporting obligations by jurisdiction and is also used in the notification process itself.

Read Part II on the Canopy website.

Reporting, cost factors and technologies, while similar, have different use cases and timelines, according to Nickl and Evans:

Litigation review requires regular and timely reporting of certain metrics to gauge progress, accuracy, and totals of relevant or privileged information found. Data breach review requires much of this same reporting, but also requires on-demand sensitive data reporting of the numbers and types of protected elements found for each jurisdiction.

Read Part III on the Canopy website.

===========================

Read Part 1  on the Canopy website.

Read Part II on the Canopy website.

Read Part III on the Canopy website.

===========================

[Post updated to reflect Part II and Part III]

 

0

Mary Mack

Mary Mack leads EDRM, the global project-based organization, and is the former executive director of ACEDS, the Association of Certified E-Discovery Specialists. Mary is known for her skills in relationship and community building, as well as for the depth of her e-discovery knowledge.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

en_USEnglish
es_ESSpanish en_USEnglish
X