Data Mining

CHALLENGE

We were tasked with preparing a data breach PII log for notification of involved parties. Within the data were several massive lists of parties and their PII (around 18,000 names and associated PII) within unstructured data types (PDFs). Using a traditional approach, exacting these would have taken an estimated 696 reviewer hours or $20,880. 

SOLUTION

We were to analyze the data, reduce it to item-level duplicates, extract it in a semi-structured manner, split it into structured parts of PII values, expand back to item-level duplicates, and then mass incorporate these values into the PII log and link to the origin documents. 

EXECUTION

We first deduplicated the data at the item-level, as is appropriate in a data breach review to reduce the population. Then, we identified unique patterns within the PDFs to isolate the PII. From these patterns, we drafted Regular Expressions to capture them. In capturing PII, there were some disjointed pieces, namely names were referred to by an office code. However, office codes were separately linked to the state PII, thus they had to be captured separately. Once extracted, we broke these excerpts further into structured parts of name, first name, last name, employee ID, office code, and states. As mentioned, we had to normalize and then link the office code and states to the disjointed names. Once we built the structured data file, we linked the entries to and expanded them to their item-duplicates. Finally, this structured data was overlaid directly into the review platform PII log alongside the manual review entries ready for reporting and notification. 

RESULTS  

Our Review Project Management and Analytics Consulting teams spent roughly 20 combined hours to complete the above mass extractions/linking for approximately $3,000 – a total savings of about $17,000 and completed about a week ahead of schedule. 

Challenge: A large government and defense industry supplier engaged Innovative Driven (ID) to support a high-stakes review involving approximately 300,000 documents totaling ~135 GB of data. The matter involved sensitive information subject to federal regulations, including personally identifiable information (PII), business sensitive content, material potentially governed by U.S. export control laws (e.g., ITAR or EAR), and Confidential Unclassified Information (CUI). The client required a secure, compliant hosting environment that could meet government cybersecurity requirements while enabling efficient review workflows.

Solution: Leveraging our FedRAMP-authorized environment, ID hosted the data with full adherence to federal compliance standards, including access control, audit logging, and geographic restrictions. Our team deployed advanced automated workflows to programmatically identify key categories of sensitive information. This included configuring machine learning models and custom regular expressions to detect and extract [types of data, e.g., social security numbers, proprietary financial details, and technical schematics]. These workflows were tailored to the client’s unique data profile and regulatory obligations, including integration of their DLP software.

Execution: Throughout the review period, which spanned roughly four weeks, our team worked in close coordination with the client’s legal, compliance, and technical teams to validate findings, refine detection criteria, and implement tiered review protocols based on sensitivity and compliance risk. The automated identification process flagged ~30% of the documents for elevated review, dramatically reducing the burden on human reviewers while maintaining accuracy and defensibility. Custom reports were generated to track key metrics such as review rates, data element tagging, and risk categorization.

Results: By combining secure infrastructure with intelligent data processing, ID helped the client mitigate both legal and regulatory exposure while significantly reducing costs. Compared to traditional workflows, the client realized an estimated 50% reduction in total review hours, while ensuring no compromise on data protection. This matter demonstrates our ability to support complex, regulated reviews with precision, speed, and security—and highlights our commitment to helping clients navigate compliance challenges with confidence. 

Problem: Our client, a leading Government Contracting company, was looking for a FedRAMP Authorized DIY Environment to meet their needs around Information Governance/Consolidation of multiple legacy and fast-moving litigations. Due to Government regulations and protocols, the offer was contingent on meeting all FedRAMP stipulations and allowing them contractual flexibility.

Solution: We prepared a dedicated Do-It-Yourself environment within our FedRAMP instance, allowing the system software/hardware to meet their stringent technological, infrastructure, and security-based requirements. The client’s dedicated environment allowed for ease of use, monitoring, auditing of data/user access, and a consolidated data repository for the current needs of their legacy/fast-moving litigations.

Execution: We worked diligently with our client to understand all requirements of their overall objectives while allowing them the freedom to avoid contractual lockdowns common in their area of business. Our client effectively migrated their growing data footprint into a consolidated environment to increase Information Governance and significantly reduce spending. From a cost standpoint, Innovative Driven was able to leverage discounted rates and bundled services (based on the client’s primary areas of need) to create a single monthly, predictable cost model.

Results: We provided our client with a complete do-it-yourself managed services solution within a FedRAMP environment to support the entire information and litigation lifecycle. Further, we were able to customize a contractual approach to the managed services solution that fit the client’s budgetary needs and was premised largely on contractual flexibility/scalability. Consequently, as our client’s data footprint grew from 100s of GBs to 10s of TBs, we dynamically evolved the managed services solution to address our clients changing needs. This contractual flexibility, managed services, and business intelligence combination allowed us to “right size” the contract on the fly after only four months (of a three-year contract), which mitigated five figures of monthly “burst charges” for our client.