Data Breach Response and Notification
With data breaches occurring daily the demand for Data breach response services is at an unprecedented level. Our Data Breach Response Team specializes in two areas:
Immediate response analysis, resolution, and remediation.
- Data Breach Planning and Training: Developing and testing comprehensive incident response plans to minimize the impact of a data breach, including identification of cause and implementation of remediation measures for affected areas. Our team of professionals consider company processes, as well as roles and responsibilities of individuals throughout the organization.
- Continuous Threat Monitoring and Analysis: – After and incident we can offer monthly vulnerability scans. These scans ensure that critical systems are properly protected against current cyber-attacks and are up-to-date with all security patches.
- Cyber Incident simulation: We work work with organizations to create a tailored simulation of an incident. These exercises are performed on site and can be in multiple locations depending on the organization size. The purpose of these exercises is to evaluate the effectiveness of the current incident response plan as well as educate key stakeholders on methods of handling and incident.
Data Breach Notification
Following a data breach, companies are often faced with a requirement to notify individuals whose personal information was compromised, especially if the breach involves Personally Identifiable Information (PII), Family Educational Rights and Privacy Act (FERPA) data, Payment Card Industry (PCI) data, and Health Insurance Portability and Accountability Act (HIPAA) data, and other information subject to privacy law and regulation.
This can necessitate the review of huge amounts of email, oose files, and database sources. This effort is often exponentially greater than company or counsel anticipate, as the exposure of just 25 email boxes can yield over one million documents for review.
This notification process is subject to increasingly rapid turnaround times, which place a premium on quickly, efficiently, and cost-effectively analyzing and relevant data, then reporting
on the results. For example, Colorado recently passed legislation that requires notice to affected Colorado residents and the Colorado Attorney General within 30 days of determining that a security breach occurred.
Gemean’s data breach notification professionals use a combination of proprietary tools and methodologies to review and extract the key data elements needed for data breach notification. Our streamlined workflows and application of cutting-edge technology and analytics allow us to deliver results at industry-leading speeds, while maintaining the highest levels of quality.