aiR for Data Breach Response

aiR for Data Breach Response is a Relativity application (RAP) deployed within RelativityOne that uses large language model (LLM)-powered generative AI to streamline the data mining and notification readiness stages of cyber incident response. It is intended for use by incident response firms, breach counsel, and legal service providers handling sensitive data review at scale.

Key features and functions include:

PI and PHI Detection
The application applies out-of-the-box personal information detectors to identify PI and PHI across ingested document sets. Users can also configure custom detectors. Detection runs as part of the Unstructured Detection pipeline and uses generative AI to differentiate PI types based on document context.

Structured and Unstructured Document Analysis
aiR for Data Breach Response uses distinct AI-based methods for different document types. For unstructured documents—such as emails and word processing files—the application uses document context to identify and auto-link PI to named individuals. For structured documents—such as spreadsheets and CSV files—the application analyzes table boundaries, column headers, and column content to predict and extract relevant PI.

Entity Linking and Normalization
Identified PI and PHI is automatically linked to the relevant individual or organization across documents. A normalization step consolidates these links into an entity report, enabling review teams to resolve conflicts and generate a finalized list of potentially impacted individuals without rebuilding work across stages.

Project Dashboard and Real-Time Visibility
The Project Dashboard provides a centralized view of PI and PHI identification, extraction, and linking progress across the document set, including document-level error tracking. Project leads can monitor analysis in real time as documents are processed.

Notification Report Output
Upon completion of review and QC, the application generates a consolidated notification report containing impacted individuals and their associated PI or PHI, formatted to support regulatory notification workflows.

Security and Data Boundaries
All analysis occurs within the RelativityOne security boundary. Azure OpenAI does not retain data from analyzed documents, and customer data is not used to train generative AI models operated by Relativity, Microsoft, or third parties. Customer data may be processed outside of a designated geographic region depending on deployment geography; details are governed by Relativity's deployment and processing geography documentation.