Time is not on your side when a cyber event happens. Getting to the right data fast makes all the difference between success and failure. Contact Discovery offers an innovative combination of project managers, technology experts, and review specialists who are dedicated entirely to cyber event response. The cyber team at Contact can create highly accurate results, comprised of data with some of the fastest turnaround times in the industry.
Contact’s experience crosses GDPR, HIPAA, FERPA, CPRA, IP theft, and other disclosures of critical business information. Your team stays focused on defensibly reducing data volumes and costs while increasing accuracy and meeting regulatory deadlines.
Notify the right people on time.
Know within minutes if a cybersecurity incident is reportable, or a breach. Stay in compliance with your reporting and notification obligations to regulators, attorneys general, consumers, and business partners.
How do we respond to your cyber breach?
Phase 1: Data Mining
We create a detailed data inventory to show the key attributes in the identified data set such as file types (Excels, PDFs, Emails, etc.), user generated files, and system generated files. We process the remaining dataset and de-duplicate the data using HASH values, further reducing the document population. Next, we apply breach counsel approved search terms and regular expression matching to identify all documents and data that potentially contain PII, PHI, and other sensitive data points. Finally, we provide a “Search Term Report” showing document counts per each search term and regular expression.
Phase 2: Review & Extraction
We schedule a call with breach counsel to review the data mining results and determine if any additional documents can be culled via further analysis (domains, monthly newsletters, logos, etc.). Once breach counsel has approved the refined dataset, we initiate the review and extraction of PII, PHI, and other required data points per our agreed upon review protocol. We use automated (i.e. technology driven) processes and custom Contact Cyber scripts to extract the relevant data points from documents when possible. When the documents do not lend themselves to automated extraction, we use “eyes on” review and manual extraction.
Phase 3: Entity List Consolidation
Using unique identifiers, we create a raw list of all entities found during both the programmatic and manual review/extraction phase along with the associated “source” document for each entity. Next, we use our proprietary technology suite, EntityIQ, to automatically transform the raw entity list into a single, consolidated, and deduplicated list of affected entities. Our EntityIQ solution eliminates (1) Duplicate entries, (2) Invalid data, and (3) False positives.
