Data Breach Response

Data Breach Response is an AI-powered solution used to reduce the time, cost, and risk to produce an entity notification list.

Data Breach Response workflows have integrated PI identification that leverage pre-built AI and ML models to find pre-determined PI types, such as SSN, date of birth, credit card information, PHI, and more. PI is automatically linked for structured documents, which speeds up the review and quality control (QC) process. Data Breach Response also leverages AI to deduplicate entities across documents to produce a notification list, allowing you to respond within the mandated timeline.

This product is available as a Relativity application (RAP) called PI Detect and Data Breach Response. The application can be installed into a RelativityOne Review workspace that runs within a RelativityOne production environment. The data used for analysis never leaves the RelativityOne Authorization Boundary in Azure, which aligns with security and compliance requirements defined in RelativityOne contracts.

You can create a saved search with documents for Data Breach Response to analyze. A document report will be published to the RelativityOne workspace as an overlay.

  • Input: Saved Search with documents to be analyzed by Data Breach Response
  • Output: Document report published to Relativity as an overlay including model insights for each document in the original Saved Search

Conceptual workflow

The steps below illustrate high level workflow steps for the Data Breach Response product

  1. Upload documents into your RelativityOne environment using existing data transfer tools.
  2. Configure the PI Detect and Data Breach Response application into your environment.
  3. Start a new Data Breach – Ingestion job and select the saved search of documents for review.
  4. Use the Privacy workflow tab within the application to select the personal information detectors to use and add any custom detectors.
  5. Run the AI pipeline across the document set by going to the Incorporate feedback icon within the Privacy workflow tab. Personal information identifications are automatically highlighted and a Document Report is generated.
  6. Access the Document Report tab in the application to view the personal information identified across the document set.
  7. Run entity normalization and create a notification report.

Document requirements

File limitations for Data Breach Response are as follows:

  • Extracted text files should be provided for all document types. For PDFs, predictions cannot be accurately made without a proper extracted text file.

    Note: Customers can OCR in RelativityOne. See OCR for instructions.

  • The following document types are not supported:

    • Password protected documents

    • Documents that open with an error or warning

    • Excel files older than Excel 95 (v 7.0)

    • Native files greater than 75 MB

Supported file types

Supported extension Limitations and notes
csv CSVs must be delimited by comma, no other delimiter is supported.
tsv TSVs must be delimited by tab, no other delimiter is supported.
Xls, xlsx, xlsm pivot tables converted to fixed tables
xlsb output only as xlsx pivot tables converted to fixed tables
Ppt, pptx, pptm, doc, docx Embedded documents are not supported.
Eml, msg, pst Leverages extracted text so formatting may be lost.
mht, svg, pdf, fdf, xfdf, Pub, dwg, dxf, dgn, rvt, dwf, odt, ods, odp, rtf, wpf, bmp, jpg, jpeg, png, wmf, emf, gif, hdp, jp2, jpc, tif, tiff, xps, oxps, xml, xod, xaml, vcf  


Following are limitations to consider when using PI Detect:
A Data Breach Response project and a PI Detect project cannot be run in the same workspace.

Getting started

Within Data Breach Response, there are two main roles a person may have. The product documentation for Data Breach Response is divided into two major sections based on your role.

  • One section is for Reviewers who check documents to ensure the machine is accurately predicting what documents contain PII. They correct the machine's predictions when necessary and make sure all PII types are detected.
  • The other section is for Project Leads who work hands-on with the client to obtain a final work product that meets all their needs. Data Breach Response projects are largely customizable and require regular communication between a project lead and the client through e-mail, phone, and video calls. Project leads also work "behind the scenes" to organize batches of documents for reviewers, generate reports, and ensure quality control measures are in place.

Together, project leads and reviewers ensure the client obtains an accurate list of entities involved in data breach projects.


Frequently asked questions