Notifications Letter Module

Streamline a Complex, Multi-Step Process

Radar® provides privacy and legal professionals with a complete solution for efficiently managing the lifecycle of incident response, from multi-factor incident risk assessment to notification in the case of a breach.

Compliance with data breach regulatory and contractual notification obligations can be complex and time consuming. Once it has been determined that an incident requires notification, there is a need for managing the notification process including generating notification letters to multiple individuals, regulatory agencies and business clients. Staying on top of notification deadlines, format and content requirements brings additional complexity and creates risk. The new Notification Letters Module in Radar® enables seamless creation and
management of notification letters to help manage the complete incident response lifecycle.

Closing the Loop: Printing Notification Letters

Users create a master template for all notification content (including letterhead details like company logo) to ensure consistency across notification letters. Users are then able to create incident-specific notification letters for individuals, regulatory agencies and clients, and
print the letters directly from Radar®. All letters are maintained in a repository associated with the incident, providing additional coverage should an audit occur.

• Create and maintain a master template for efficient and consistent letter generation
• Create letters for individuals, regulatory agencies, and business clients
• Customize letters by overriding the master template content and including incident-specific information such as discovery date and regulated data
• Print letters directly from Radar®
• Maintain a single repository of all letters associated with an incident
• Easily track all notification letters generated

Notification Letters Module Use Case

A RadarFirst customer in the insurance industry had already adopted Radar®, and the privacy team was experiencing notable benefits from the intelligent process automation offered for their incident management and response. They had documented an acceleration in their timeline from discovery of an incident to making a breach notification decision, and the CPO now wanted to further automate and streamline their notification process by implementing the Notification Letters Module in Radar®.

Prior to the adoption of the Notification Letters Module, the privacy team struggled to create and maintain templates that could easily be updated and printed in a timely manner to ensure they met notification obligation deadlines. It was also a challenge to easily demonstrate compliance of notification obligations to regulators. The CPO knew their team needed a solution to further streamline the multi-step incident management process and close the final gap in the breach resolution loop: notifying affected individuals efficiently and effectively.

Once the Notification Letters Module was implemented in Radar®, the team was able to seamlessly print notification letters with incident-specific details directly from their Radar® Privacy account, as well as maintain a repository of all letters generated as proof of compliance should an audit occur.

The module allowed them to not only create and maintain a master template, but also offered the capacity to customize letters by overriding the master template content in order to include incident-specific information, as required, such as discovery date and which PI was exposed. Letters could efficiently be generated for individuals and customers, clients and business associates, as well as for regulatory agencies.

The ultimate benefits of adopting the Notification Letters Module in Radar® were not only greater time efficiency for the privacy team, allowing them them to quickly complete critical but menial tasks and return their focus to greater risk mitigation efforts, but also a more mature overall privacy program that ensured defensibility in case of an audit thanks to a consistent and well documented notification letters process.