Client industry:

Cyber Risk Management

Business challenge:

Data breach review of personal information with a tight turnaround time in multiple locations.


A successful Managed Review using Relativity technology and hosted services in which 68% of the documents underwent a stringent quality control process under a tight turnaround time, resulting in a 89% accuracy rate.


The Client engaged the managed review services of Special Counsel, Inc. to conduct a data breach review to identify whether Personal Identifying Information (“PII”) and/or electronic Protected Health Information (“ePHI”) had been compromised within a set of documents whose security had been breached through their clients Office 365 environment. What constitutes ePHI is determined by the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act and there are various state and federal laws outlining the notification requirements individuals, including, for example, customers, clients, employees, and/or independent contractors, whose personal Identifying Information (“PII”) and/or electronic Protected Health Information (“ePHI”) has been compromised. What is determined to be PII/PHI is dependent upon not only Federal law, but on each state’s law, so each data breach project must be handled individually to ensure that the list of applicable PII/PHI is consistent with the applicable state’s laws and each protocol must be individually crafted to the applicable state law.

Download Case Study

Search our consultants or reach out to us to start a partnership.

Find a consultant Contact Us