Matt Liebner, Andrew Nauer
Session Time: Thur, May 7, 2026: 10:10 AM-11:10 AM
In todayβs breach litigation environment, incident response data review and breach notification decisions are no longer routine compliance tasksβthey are strategic choices that shape litigation risk, regulatory scrutiny, and long-term defensibility. Plaintiffs increasingly treat notification scope, methodology, and language as evidence, placing early incident response decisions at the center of class certification and liability arguments.
This panel brings together privacy litigators, incident response counsel, and technical experts to examine how IR data review and notification decisions are evaluated by plaintiffs, regulators, and courts as breach matters evolve. Drawing on real breach matters, panelists will explore where notification strategies strengthen defense posture, where they create unintended exposure, and how counsel can better align technical determinations with legal theory in a plaintiff-friendly enforcement environment.
Discussion Points / Key Takeaways
- How IR data review scope and notification decisions affect standing, commonality, and predominance in breach class actions
- When breach notice becomes evidence: how plaintiffs leverage notification language and methodology
- Individual versus substitute notice as a defensibility question, not merely a compliance exercise
- Common misalignments between technical findings and legal strategyβand how they surface in litigation and regulatory scrutiny
- Practical guidance for advising clients on defensible notification decisions in complex breach matters, including healthcare and HIPAA incidents
Andrew Lauer, Vice President of Operation, AssessmentFirst
Matt Liebner, Vice President of Sales, AssessmentFirs
Reading Materials:
