Skip to the content


Current trends in cybersecurity have shown that 80% of ransomware incidents begin with data exfiltration by the attacker. Malicious outsiders often target Personally Identifiable Information (PII) or Protected Health Information (PHI) data due to its sensitive and valuable nature. Any compromise of PII, PHI, or other confidential data may result in a reportable legal “breach,” costly remediation and litigation, downtime, and damage to your reputation.

Most states and governing authorities have laws and guidelines for protecting such information from loss, theft, and unauthorized access. It is your responsibility to know the location of your personal data and what it contains.

Protect your organization from cyber threats and stay compliant.

If you are experiencing a cybersecurity incident, contact the Whittlesey team to help.

In the case of an incident, we’re here to investigate and remediate systems, comply with the proper authorities, and facilitate the road to recovery.

Identify. Analyze. Remediate.

Whittlesey’s PII/PHI scanning and remediation process lowers your risk profile, protects your personal data, and helps you stay compliant and avoid a breach.

The Goal: Limit the amount of sensitive data kept so any compromise is less damaging. We call this reducing the attack surface and lowering risk profiles. Our advanced forensic tools identify more than 300 data types, including sensitive, personal, and confidential data for over 50 countries. Our tools can then encrypt, mask, quarantine, or securely delete sensitive data to achieve a near-zero risk posture with sensitive data.

Our tools find and remove PII, PHI, and sensitive information across structured and unstructured data in any environment including:

• Servers
• Desktops
• Mailboxes (on-prem or cloud)
• Database files

• Office365/AWS/Dropbox/Google Drive
• On-prem storage
• Cloud applications and storage
• Windows/macOS/Linux

No-Obligation Cybersecurity Assessment

One wrong click can cause a security incident or data breach and the impact could be devastating. Whittlesey’s Cybersecurity Assessment (CSA) is a comprehensive audit that will identify your level of cyber risk and provide a roadmap to improve it.

Latest Resources


How Auditors Assess Cyber Risks

Data security is a critical part of the audit risk assessment. If your financial statements are audited, your audit team will tailor their procedures to answer critical questions about cyber risks and the effectiveness of your internal controls...Continue Reading

Providing Optimal IT Support for Remote Employees

If you were to ask your IT staff about how tech support for remote employees is going, they might say something along the lines of, “Fantastic! Never better!” However, if you asked remote workers the same question, their response could be far less enthusiastic...Continue Reading

Mark Torello
Partner-in-Charge, Technology 
Hartford | Hamden | Holyoke

Main Contact

Mark Torello has more than 25 years of experience in consulting, with an emphasis on security and accounting systems technology. Active in his industry, Mark is a member of the Information Systems Audit & Control Association (ISACA), the National Association of Certified Fraud Examiners, the Connecticut Society of Certified Public Accountants (CTCPA) and the American Institute of Certified Public Accountants (AICPA). 

Get In Touch