While your organization may not regularly be involved in costly or complicated litigation, there is always the potential for this to arise. Additionally, you may work in an industry that is heavily regulated and subject to government investigations. In either instance, you will likely be required to produce documents. Today the significant volume of these documents comes in the form of Electronically Stored Information (ESI). Once the need to produce ESI is established, the costs begin to mount almost immediately. Identifying which documents to collect, reviewing these documents for privilege and responsiveness, and ultimately producing these documents involves considerable time and money. Fortunately there are a number of steps your organization can proactively undertake to minimize substantive risks and reduce the costs associated with responding to requests for ESI.
This checklist will outline those steps for the key areas associated with the early phases of the discovery process (Information Governance, Identification, Preservation, and Collection) and explain how establishing and implementing good practices at minimal cost now can lead to significant cost savings later.
Maintaining a data map showing what information your organization is storing, where it is being stored, and who is responsible for maintaining it is essential to identifying potential sources of ESI. Even if your organization does not have extraneous data, if you do not track who worked on given projects and where they stored their ESI, considerable time and money can be wasted collecting and processing data unnecessarily. It is essential to discuss ESI locations with the right key people for each project so that you can collect what you need in a targeted and focused way when the need arises.
Establishing and following rules for what information you retain and for how long you retain it is by far the most effective way of both reducing risk and controlling costs. If your organization has a storage room full of old backup tapes, CDs, hard drives, computers, or other obsolete storage devices that do not have business value and that you are not legally required to retain you run the risk of being required to extract data from these sources, which can be very costly. This is especially true if these storage devices are so outdated that your organization no longer has the technology to access them. It is crucial to store only what you must and to maintain good records of exactly what you have so that you are prepared for the electronic discovery process. Unnecessarily keeping and storing data is not only expensive but can expose your organization to unneeded extraction costs and potential additional scrutiny.
Your organization will potentially be exposed to great risk if it destroys information it was required to maintain in the ordinary course or preserve under a legal hold notice. It is essential to educate all members of your organization concerning the importance of adhering to records retention policies and preservation notices and to ensure that all such policies and notices are sent out promptly to prevent inadvertent destruction of ESI. To that end, it is crucial that the technical ability to create and effectively distribute preservation policy and legal holds be in place prior to receiving document requests.
Records Retention Policy
- Create a Records Retention Protocol and update it on a regular basis to ensure that it reflects any changes in retention requirements and that it is being adhered to by the organization as a whole.
- Regularly delete data you are not legally required to store and that has no value to your organization.
- Ensure that at least one key stakeholder in each major project knows where archived data is stored.
- Establish a defined policy for the storage and archiving of data and communicate this policy to all employees.
- Maintain a method to track changes to the Records Retention Policy or changes to the storage and archiving of data (and its subsequent location).
- Create and use a standardized litigation hold form to advise all relevant individuals that a litigation hold has been placed in effect and that all relevant data should be preserved per the hold notice. Document the preservation of relevant data by noting where exceptions are made to your organization’s typical deletion processes.
If your organization has properly prepared, collecting the relevant ESI is a straightforward process. This is where the investment and pre-planning begins to pay off. However, it is critical that the entire collection process be planned, implemented, and documented at every step. This will help counter any potential challenges to the sufficiency of the document collection process.
- Evaluate electronic discovery vendors and determine if your organization already has a pre-existing relationship with a vendor.
- Seek advice early on in the ESI collection process (preferably before it starts) from counsel on which vendor will be conducting the collection, processing the data, and hosting the data.
- Appoint an individual or small team to be responsible for coordinating all the collections.