Providing necessary reporting to accommodate an audit or inquiry
When a data breach occurs and notification is required, it is vital to document every aspect of the incident response process in order to meet the many “burden of proof” requirements during an investigation.
To help you comply with state and federal regulations, we provide necessary tracking and reporting so you are ready to accommodate inquiries or audits from the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), the Federal Trade Commission (FTC), State Attorneys General, or potential class action lawsuits.
Avoid unprecedented fines and corrective actions by making sure you collect the proper mail and email breach notification process documentation, including:
- Number of notices sent, received and returned
- PDF copies of all letters mailed
- Scanned images of all returned envelopes
- The reason the U.S. Postal Service returned the envelopes
- The matching postal paperwork with mail dates
- Detailed email delivery and response reports.
In addition, we can provide incident-specific call center services and all of the required metrics to satisfy your audit documentation needs, including:
- Daily call volumes (with hourly breakdowns)
- Types of calls received based on the reference number provided in the notification letter or email
- Average Speed of Answer (ASA)
- Escalation reporting.
Throughout the life of a data breach call center engagement, you can view call center activity in real time and manage escalations as they occur using our proprietary Ticket Reporting System (TRS).