Digital Forensics Dispatch

Digital Forensics Blog
by Sensei Enterprises, Inc.

When Your Firm Encounters a Data Breach, is the Forensic Report Discoverable?

December 19, 2019

Law.com has addressed the growing issue courts are facing in their article “Cyber Breach Forensic Reports: Is Your Report Discoverable?” (sub. req.)

The article highlights the increasingly possible scenario of a firm encountering a data breach and hiring a forensic firm to perform an examination of the company’s information systems. Often,when the examination is complete, a findings report will be issued containing specific information including details of how the incident most likely occurred. This brings up a potential issue, whether or not the report is available to an opposing party.

Companies are likely to want to maintain control of forensic reports because of the potential value they could offer to a plaintiff. If a vulnerability within the information systems of a firm is highlighted in a forensic report’s findings, it is possible the company may have failed to maintain best practices to protect their data security. This type of negligence may result in a breach of protecting valuable client information.

The court system has held that forensic reports are often protected by attorney-client privilege. However, it is important to not accidently waive that privilege. If the report, or information contained in the report, is voluntarily shared with a third party, the report would likely fall into discoverable territory. It is suggested that attorneys consult directly with the forensic firms when discussing the matter and any work product materials.

If a report must be produced to a third party, such as insurance carriers, auditors, or affiliate companies, there are a few measures attorneys can take to make sure the work product protection is not waived. These measures include redacting unnecessary information from the report as well as signing a confidentiality agreement with the receiving party.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Sensei Enterprises

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Digital Forensics Dispatch

When Your Firm Encounters a Data Breach, is the Forensic Report Discoverable?

Ride the Lightning

Your IT Consultant

Disclaimer