Challenge
- After a data breach, a social services non-profit needed to assess the extent to which the affected data set contained Personal Identifiable Information (PII) and Protected Health Information (PHI)
- Most of the breached records included highly sensitive and detailed PHI-/PII-sensitive material
- The organisation’s concerns included the strength of Elevate’s security controls and the sufficiency of reviewer background checks
Solution
- Thorough, tailored data mining processes combining regular expression (‘RegEx’) searches refined according to the dataset’s contents and customised searches for an exhaustive set of terms based on project-specific requirements and the dataset’s unique contents
- Sampling of thousands of documents across numerous document types and PII/PHI categories by review team working exclusively on the project
- Heightened data security protocols and background check processes to address customer concerns and requests
- Quantitative and qualitative analysis for breach counsel, including breakdowns of the types of PHI documents, the number of documents with each PHI element, and assessment of the extent to which the breached data contained sensitive PHI necessitating notification.
- Round-the-clock support using India-based specialist review team, resulting in operational efficiencies, a faster review, and achieving tight deadlines
