Responding nimbly to privacy obligations across six countries

Data infecting a finger print identity on a screen to illustrate hacking and cyber crime

CRA’s Forensic Services Practice was retained by a global insurance and reinsurance conglomerate which had experienced a cyber breach to identify potentially notifiable and reportable information across numerous jurisdictions. Working with Counsel in the United Kingdom and United States, CRA developed a review methodology to capture information subject to the European General Data Protection Regulation (GDPR), US privacy laws, as well as data privacy regulations from Singapore, Bermuda, Australia, and New Zealand.

After complex custom scripting and automated extraction for structured and semi-structured files, the team engaged in data normalization, consolidation, and de-duplication, bringing down the notice population from 8.5 million to just over 530,000 individuals.

Meet our team

Additional Contributors