AmLaw 50 Firm Accelerates
Data Breach Response with AI



The Dilemma

Because of their reputation as an expert on privacy and cybersecurity, this top law firm was tasked with quarterbacking the response for a Fortune 500 company after they suffered a data breach that exposed over 54,000 documents. Under regulations like GDPR and CCPA, the company was obliged to review the leaked documents for personally identifiable information (PII), including social security numbers, phone numbers, and passport numbers.

Sorting through this volume of text, however, posed steep challenges. First, even with legal experts sifting through the documents, the law firm worried about the inherent risk associated with the review process when utilizing search terms and regular expressions to identify PII. Missing even one instance could result in fines for failed compliance or even litigation.

Second, a traditional review process of this scope would take around 21 days and around 1,372 hours. Not only does this create a risk for failing to comply with strict timelines for notifying affected individuals, but it’s also very expensive. At an average rate of $50/hour, paying people for a review like this would cost over $68,000. The law firm wanted to cut down their turnaround time and lower the cost so they could pass on the savings to their client and win more repeat business.

“The program is too user-friendly.
I think that is why there are no questions.” 

icons risk reduction-01

Privacy & Cybersecurity

icons litigation-01-01-1

Data Breach Response

entity normalization

Entity Normalization


The Resolution

By partnering with Text IQ, the law firm was able to pass on the cost-savings to their client while also complying with regulations, providing the required notification reports, and mitigating risk. After a brief, 2 hour training, the law firm’s reviewers learned to use our technology interface to quality control the AI’s predictions without any issues. The AI platform employed entity normalization processes to identify and link PII instances in the affected documents. This automatically generated a report to use to notify individuals whose data was compromised in the breach. This freed up the lawyer’s time to focus on less tedious tasks.

Over the course of just eight days, the firm’s reviewers spent 343 hours billable for a sum of $17,150. That’s why the head of the firm’s Global Cyber, Privacy, and Data Innovation Practice Group remarked that they saved 75% by using Text IQ.

By reducing the turnaround time by 13 days and cutting $51,000 in costs, the law firm stayed well under their clients budget and completed the work ahead of schedule.

They also mitigated risk by improving accuracy. Text IQ identifies PII with 99% accuracy, compared to the 95% we realize from manual review. The number of documents needing human review was reduced by over 50%, creating a small set of flagged documents that required a quick quality control round by skilled attorneys. This new process allowed the law firm to achieve 100% accuracy and prevent potential disasters.

In the end, it was a win for everyone. First, by ensuring that we miss fewer PII instances, we can properly notify affected individuals to make sure they take the necessary steps to protect themselves. Second, the Fortune 500 company fulfilled their obligations and complied with regulations in a timely and cost-effective manner. Finally, the firm was able to strengthen their relationship with their client by providing real value, and they look forward to continuing to partner with Text IQ on subsequent matters.

Nobody wants to suffer a data breach. However, by leveraging Text IQ for automatic document review, we can mitigate the damage and stay one step ahead of the field.

risk white


time white


cost white



download the case study