A nationwide healthcare company experienced a business email compromise event that could have had data-privacy implications. CRA’s team of forensic experts determined that numerous mailboxes were compromised. The investigation team data mined the mailboxes and set up structured and unstructured workstreams to review the potentially impacted documents.
The team applied proprietary scripting to extract information from the structured files and loaded the unstructured data into Relativity for analysis, review, and data capture. These two unique workstreams identified tens of millions of records of data. CRA created a custom deduplication process for the data and provided the client a data file containing the names of millions of individuals to be notified. Leveraging an extensive team of forensic experts, data analytics experts, and privacy experts, CRA worked with client and counsel to determine the number of mailboxes compromised and the information contained within the mailboxes that was subject to regulatory reporting requirements.