Many in-house legal professionals face the "make or buy" decision every day: which matters or parts of matters will they handle in-house, and which matters will they seek external assistance on. Decisions often include assessing risk, magnitude, impact, talent and staffing mix (internal and external), required response time, availability of tools and technology, desire for efficiency and consistency, and cost effectiveness. Depending on the matter and jurisdiction, privilege and defensibility considerations may also be part of the risk and overall decision matrix.
Companies in heavily regulated industries often have dedicated in-house resources for handling portions of their e-discovery workflow. Roles can range from serving as touch points within the company to performing (or managing) end-to-end e-discovery in-house.
Striking the right balance is key, and the right answer on approach will likely vary from company to company.
Five Key Considerations
For those companies interested in exploring technology options to assist with performing the collections portion of the e-discovery workflow in-house, key considerations include:
- Data sources: what are they and where do they reside
- Identify right tool for right job: matching data sources to tool capabilities
- Integration and data security: how will the technology integrate with other systems and meet security requirements
- Subject matter expert: who will own and defend the process
- Proof of concept and support: testing capabilities and ongoing support are critical elements to move from concept to implementation and execution
Technology and tools abound when it comes to e-discovery. It can be daunting to navigate the complex marketplace to determine which tools best match a company's situation. A key first step is to understand the company's data sources and determine where they reside. With this understanding, companies can then prioritize needs, develop a collections strategy, and identify tools to best match their needs.
Questions to ask include:
- What are the company's data sources?
- What types of repositories or devices are you collecting from (e.g., email, document management systems, SharePoint sites, company-hosted social media, cloud storage, server shares, iPads, smartphones, etc.)?
- Which repositories or devices are you most commonly going to for data collection?
- Are collections mainly inside or outside of the U.S?
- From past experience, can you prioritize among data sources and repositories to help focus on which tool(s) might best be suited to address collection needs?
Right Tool for the Right Job
In addition to understanding the data sources and common repositories for data, it is also important to understand what the company's collections strategy will be. Will the company seek to collect everything? Will the company seek to use search terms and/or to collect in a more focused way?
Also, important to consider is the company's desired collections capabilities, including whether the collection most often needs to be:
- Forensically sound: copied files are exact matches and metadata values don't change; can authenticate
- Forensic image: bit-for-bit copy of a hard drive or server disk (bit-by-bit copy of a hard drive which will collect slack and fragmented disk space)
- Targeted collection: using key words, dates, certain file/folder locations
- Self-collection: conducted by the custodian; can be riskier, raising assertions of “fox guarding the hen house”
As with any situation where tools are matched to task, understanding what the company most frequently wants and needs will help the company focus on which tool makes the most sense.