EDRM Blog

Nickl and Evans on the Differences between Data Breach and Litigation Reviews

Guy with apple and orangeRalph Nickl, CEO of Canopy Software, an EDRM Partner, and eDiscovery expert, Brian Evans, recruited by Lighthouse after over a decade at Norton Rose Fulbright, are publishing a three part series entitled, 9 Differences between Data Breach and Litigation Reviews. While many believe that eDiscovery systems and processes can be leveraged for data breach reporting without changes, Ralph and Brian give us the benefit of their experience in both domains.

For a data breach review, utilizing common litigation approaches like search terms and regular expressions results in enormous false positives to review and, based on case studies, will miss key documents containing reportable data.

Read Part 1  on the Canopy website.

Continuing their three part series, Nickl and Evans compare the personnel required for a review, with the first pass focused on identifying protected information, and attorneys focusing on deciding whether the information is reportable.

Deliverables are different between breach and litigation reviews:

A litigation review delivers a list of relevant documents corresponding to issues that tell a story. In contrast, a data breach review compiles a de-duplicated list of all affected individuals, their affected protected data elements, and contact information. This list provides information for the attorney to make decisions on reporting obligations by jurisdiction and is also used in the notification process itself.

Read Part II on the Canopy website.

Reporting, cost factors and technologies, while similar, have different use cases and timelines, according to Nickl and Evans:

Litigation review requires regular and timely reporting of certain metrics to gauge progress, accuracy, and totals of relevant or privileged information found. Data breach review requires much of this same reporting, but also requires on-demand sensitive data reporting of the numbers and types of protected elements found for each jurisdiction.

Read Part III on the Canopy website.

===========================

Read Part 1  on the Canopy website.

Read Part II on the Canopy website.

Read Part III on the Canopy website.

===========================

[Post updated to reflect Part II and Part III]

 

0

Mary Mack

Mary Mack is the CEO and Chief Legal Technologist for EDRM. Mary is the co-editor of the Thomson Reuters West Treatise, eDiscovery for Corporate Counsel and the co-author of A Process of Illumination: the Practical Guide to Electronic Discovery. She a member of the Illinois Bar and holds the CISSP among her certifications.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

en_USEnglish
es_ESSpanish en_USEnglish
X