PII in Your Discovery?

PII in Your Discovery?

Full original news can be read here >. Fair Use excerpt snippets below focus editor/member commentary and do not infringe on source Copyright.
Epiq Seeks Removal of Data Breach Class Action to Federal Court

Author: Victoria Hudgins – Law.com

…alleged information stolen from Epiq’s networks included nonencrypted and unredacted personal information and that Epiq failed to satisfy its duty to implement reasonable security procedures and practices as required by CCPA…
…statutory damages between $100-$750 per class member for each CCPA violation or actual damages…
…applying the minimum statutory damages sought by Karter would exceed $5 million, Epiq said…

Open Source Link >

Editor Comment:
Epiq’s “Ruyk” ransomware attack in February cut off customer access to their hosted discovery matters for roughly three days. This outages constitutes a major service interruption and violation of normal Service Level Agreements for one of the largest global legal service providers. Beyond SLA penalties, missed production deadlines and unhappy customers, Epiq is now facing a potential class action suit under the new California Consumer Privacy Act (CCPA). Epiq asserts that based on their investigation no consumer data was exfiltrated and no PII exposed in the attack. But what is the cost to defend against the allegations and the cost to their reputation?

I generally recommend actively screen for PII in collections or excluding or redacting it during processing as being irrelevant and a risk. Even better is having a written policy in your discovery protocols that requires counsel approval before collecting from data sources with known PII (i.e. HR reports, benefits managers, etc.). Of course, this requires you to have an updated data map in your ECA process. So many moving parts for discovery practitioners to account for.

0 0 votes

Article Rating

By Greg Buckles|2020-08-03T17:20:38-05:00August 3rd, 2020|Provider, News, Privacy, Security, ESI Sources|0 Comments

Share This Story, Choose Your Platform!

Facebook Twitter Reddit LinkedIn WhatsApp Email

Subscribe

Notify of

Please register or login to comment

0 Comments

Inline Feedbacks

View all comments

Email Greg Buckles with questions, comments or to set up a short Good Karma call.

Recent Essays, eDJ News & Research

GC Report 2024 – Rapid Change Indeed

Hey Copilot, How Much Does My Boss Make?

Microsoft Moved My Cheese

Doing the eDiscovery C-Suite Shuffle

Time to Truth

Recent Comments
Greg Buckles on M365 Roadmap – eDiscovery Impact
Selective: eDiscovery Journal Highlights X1’s Game Changing Support of MS 365 - Daily News Circuit - Daily News Circuit on eDJ Brief: X1 Enterprise Collects Teams and More
eDiscovery Journal Highlights X1's Game Changing Support of MS 365 - X1 on eDJ Brief: X1 Enterprise Collects Teams and More
More Legalweek 2023 Observations from Attendees on eDJ LegalWeek 2023 Pics and Perspectives
Aaron Taylor on Ready for Teams A.I. ESI?
Active survey/polls
How locked down is your enterprise?
Who trains the tar in your matters?
Categories
Categories

eDJ RSS Feed
GC Report 2024 – Rapid Change Indeed
Hey Copilot, How Much Does My Boss Make?
Microsoft Moved My Cheese
Doing the eDiscovery C-Suite Shuffle
Time to Truth
Archives

April 2024

March 2024

February 2024

January 2024

November 2023

October 2023

September 2023

August 2023

July 2023

June 2023

April 2023

March 2023

February 2023

January 2023

November 2022

October 2022

September 2022

August 2022

July 2022

June 2022

May 2022

April 2022

March 2022

February 2022

January 2022

December 2021

November 2021

October 2021

September 2021

August 2021

July 2021

June 2021

May 2021

April 2021

March 2021

February 2021

January 2021

December 2020

November 2020

October 2020

September 2020

August 2020

July 2020

June 2020

May 2020

May 2019

Disclaimer

Essays, comments and content of this site are purely personal perspectives, even when posted by industry experts, lawyers, consultants and other professionals. Greg Buckles and moderators do their best to weed out or point out fallacies, outdated tech, not-so-best practices and such. Do your own diligence or engage a professional to assess your unique situation.

©Copyright 2019 eDiscovery Journal | All Rights Reserved | Privacy Policy | Terms of Service | Ethics | email: info@ediscoveryjournal.com

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settings ACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary
Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply

Go to Top