Maintaining privilege over forensic data-breach reports
Steven Morphy, James Shreve, and Luke Sosnicki of Thompson Coburn LLP offer some commentary on difficulties in the current climate about claiming that forensic data-breach reports are privileged. After discussing some recent decisions, they offer some takeways to help entities. The first tip is:
At the most basic level, companies should involve outside counsel in all aspects of its breach investigation, and counsel must hire the outside consultant to investigate the breach. If possible, the company should consider retaining a different cybersecurity firm than the company previously hired to conduct any prior review of the company’s data management systems. If challenged, this could allow the company to more clearly show the retention was specific to, and in anticipation of, ensuing litigation.
Read more on JDSupra.