Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.


A Legal Education Presentation prepared and presented by HaystackID®

HaystackID Educational Webcast

Data mining has increasingly become one of the largest expenses during a cyber incident, often leaving claims professionals with blown budgets and insured clients in high-risk scenarios when assumptions about their data (and what may lurk within) dictate the operationalized response towards providing notice to affected parties after a breach.

A lack of standards amongst breach coaches, claims professionals, and the vendors who consult on and perform data mining work has resulted in an unmanageable situation for insurers, despite there being repeatable, defensible methods to stage, understand, and act on sensitive data utilizing workflows that are established in the scientific method and eDiscovery in general during litigation.

This session will highlight the risks of over and under notice of impacted individuals in a cyber incident and will discuss key checkpoints ahead of and throughout the data mining process, while giving claims professionals a new understanding of the types of levers they should be pulling internally at their organizations, and with their partners to optimize, manage, and establish repeatable processes with a special focus on the below underlying themes:


* Whether to provide individual notice under data breach law requires understanding some key facts: whose data is at issue? Where are they (in what jurisdiction)? What data is at issue? How (and to what degree) was the data compromised.

* When unstructured data is compromised, this requires identifying the who, where and what of the data through cyber review. Making assumptions about the data (even informed assumptions based on SMEs) will inevitably lead to over and under inclusive notice. PII and PHI can creep into places (and be missing from others).

* Over notice creates risk as it inflates the scope of the breach unnecessarily damaging the brand and making the incident more attractive for litigation.

* Under notice is worse as it can lead to questions about the sufficiency and completeness of the notice and remediation steps. Attacking the completeness of the notice allows plaintiff counsel to open a new front in their litigation.


Expert Panelists

Mike Sarlo

Chief Innovation Officer, President of Global Investigations and Cyber Incident Response Services, HaystackID

Mike, as Chief Innovation Officer, works closely with HaystackID’s software development and data science teams to deliver best-in-class data collection, eDiscovery, and review solutions that allow legal teams to act on data types typically not conducive to collection, review, or production in the context of eDiscovery. In his role as President of Global Investigations, Michael works closely with clients on the most challenging and complex regulatory, investigative, and civil litigation matters. Michael also oversees HaystackID’s Cyber Discovery and Incident Response Services division. He leads a cross-functional team of HaystackID experts that regularly assist insurers, breach coaches, and their corporate clients when a data breach occurs.

Susana Medeiros
Associate, Norton Rose Fulbright

Susana is an associate and a member of the Information Governance, Privacy, and Cybersecurity team. She is a Chambers-ranked attorney recognized and has represented clients both preparing for and responding to cyber incidents. Leveraging her traditional eDiscovery experience, Susana assists clients with efficiently and defensibly responding to cyber incidents to quickly identify data subjects impacted and the types of personal information impacted, and advise clients about the scope of the incident and the company’s obligations to notify the appropriate authorities and the people affected by breach. She also assists with providing advice around CCPA, CPRA, and GDPR compliance from an information governance and data minimization perspective.

Sam Sessler
Assistant Director, Global eDiscovery Services, Norton Rose Fulbright

Sam Sessler joined Norton Rose Fulbright in 2011 and currently oversees the eDiscovery consulting, cyber incident response, and discovery analytics teams. Previously, Sam worked in PwC’s (PricewaterhouseCoopers) Forensic Technology and Cyber group.  Sam brings a combined 14 years of consulting experience, specializing in electronic discovery, incident response, information governance, TAR,  data analytics, database design and administration, and forensic collection and technology.

Anya Korolyov
Vice President, Cyber Incident Response and Custom Solutions, HaystackID

Anya, the Vice President of Cyber Incident Response and Custom Solutions at HaystackID, has 17 years of experience in the legal industry as a licensed attorney, including 14 years of experience in eDiscovery, focusing on data mining, complex integrated workflows, and document review. In her role, Anya works on developing and implementing the strategic direction of Cyber Incident Response. Anya is one of the industry’s leading experts on Data Breach Incident Response, Notification, and Reporting, with a solid understanding of machine learning, custom object development, regular expressions manipulation, and other technical specialties.


About HaystackID®

HaystackID is a specialized eDiscovery services firm that helps corporations and law firms securely find, understand, and learn from data when facing complex, data-intensive investigations and litigation. HaystackID mobilizes industry-leading cyber discovery services, enterprise solutions, and legal discovery offerings to serve more than 500 of the world’s leading corporations and law firms in North America and Europe. Serving nearly half of the Fortune 100, HaystackID is an alternative cyber and legal services provider that combines expertise and technical excellence with a culture of white-glove customer service. 

HaystackID is a trusted partner to corporations, law firms, and governmental agencies, supporting targeted audits, complex investigations, and civil litigation matters with a dedicated global team of cybersecurity, information governance, and legal discovery experts. Applying the potential of artificial intelligence, the precision of data science, the power of machine learning, and the practicality of expertly trained and managed reviewers, HaystackID provides clients with secure, defensible, and flexible capabilities to address the most complex and time-sensitive eDiscovery-centric challenges. 

In addition to consistently being ranked by Chambers USA, the company was recently named a worldwide leader in eDiscovery Services by IDC MarketScape, a representative vendor in the Gartner Market Guide for E-Discovery Solutions, and a Legal Technology Trailblazer by The National Law Journal. Further, HaystackID has achieved SOC 2 Type II attestation in the five trust service areas of security, availability, processing integrity, confidentiality, and privacy.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, DALL-E2, Grammarly, Midjourney, and Perplexity, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.