This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
2. - Information protection and security: Read more in this section
- Protecting computer data: Advice from a former CIA CISO
- Webcast: Lower e-discovery costs with these data management strategies
- Privacy in an era of big data proliferation
Explore other sections in this guide:
Webcast: Five data management strategies to lower e-discovery costsDate: Sep 16, 2013
Information management is getting more complicated, and this is having a major influence on the budgets used for tools that track that data. Tools and processes such as e-discovery are becoming very expensive as businesses struggle to properly maintain data in efforts to stay out of legal trouble and remain regulatory compliant, according to information governance expert Jeffrey Ritter.
In this four-part SearchCompliance webcast, Ritter discusses steps companies can take to alleviate high e-discovery costs. Here in part four, he outlines five data management strategies to help lower e-discovery spending.
These five data management strategies provide an integrated foundation on which companies can transform how they spend money on finding information. These strategies are not only important in litigation, they're also relevant to any situation in which companies must parse and analyze historical information to find the truth: from internal investigations and antitrust responses to second requests or mergers and acquisitions -- anywhere the company must produce or present information about historical operations.
All of these are in venues where these strategies are useful. I'm going to provide a discussion of each strategy and its benefits. In doing so, I think we will be able to make some real progress in lowering e-discovery spending to benefit the stakeholders and shareholders of any company. These strategies, I think, also work for government agencies. Though they're not necessarily motivated by profit, these agencies are motivated to stretch their allocated funding, and these strategies are equally compelling for them.
Our first strategy is to create a secure portal for law function communications. Today, privileged content and attorney-client work is being placed into email, into instant messaging (IM) communications and into call records. The technology exists now where interacting with the law department in a company can occur through a separate, secure portal. Companies with SharePoint can do this, so that all of the actual communications are being segregated from any other channel of dialogue. All case-specific records and documents, all merger and acquisition documents, can be segregated and secured so that we always know where privileged communications are. We always know how to communicate with the lawyers in order to preserve that privilege.
Instead of receiving an email from the attorney that says, "Hi, Bob. Here's my advice on how to handle the defense of this case," Bob would get an email that says, "You have a new communication in the law department portal. Click here to access that communication." At that point, recipients are redirected to the secure portal where they can keep track of and easily manage the privileged content.
One of the biggest challenges we have is data sets and data sources that employees need to access on a continuing basis, but that contain data that changes every day.
This avoids the forwarding of privileged content that actually disqualifies that privilege, and it makes it more difficult for that content to be leaked or compromised. It also creates a process around the privileged content, which means we have eliminated privileged content from being out in uncontrolled channels such as email and IM.
This is an immense advantage, and I think it is the single most effective strategy for cutting review cost, because you're reducing the size of the haystack in which you are looking for the needles that are the privileged communications.
The second strategy is to reduce the preservation of what I call "watercooler electronically stored information (ESI)." Most email, IM and social networking information within companies are communications that -- before we had computers and the Internet -- we would exchange across the watercooler. It's non-substantive; it's not significant. But if this ESI exists, companies have a legal and ethical duty to consider it within the target zone of any collection, preservation and evaluation process.
If we can reduce the volume of that information and its preservation as part of the corporate information governance program, we can change the size of the haystack again. Email and IM are ideal candidates for very short preservation periods, disposition or overwrite.
This lowers the volume of information in the initial collection, and reduces improper content exposure. It also increases the use of email and IM channels for the purpose they were intended -- external communications -- and they are no longer a place where valuable internal information might be left vulnerable. It's a similar strategy: You break apart the content into different buckets, then apply different rules that reduce the size of the overall haystack that law firms and service vendors have been reluctant to reduce.
The third strategy is to avoid "non-executable hold instructions," my term for them. Hold notices remain complex, boilerplate, blanket documents that actually overwhelm most custodians with instructions. As a result, hold notices don't get executed correctly by custodians and employees, and therefore the cost of data supervision and audits goes up.
First, develop tactics to increase the archiving of active ESI. Information that you use every day in business still is going to be needed, but it should be archived so that employees are not responsible for trying to identify and preserve it off their desktops or mobile devices. Second, limit the requests made to custodians so they only have to deal with active, non-archived content. Every day we may create relevant content on our desktop. We may have relevant physical documents that require preservation, but we really shouldn't be asking custodians to do what the IT department is otherwise responsible for doing: Identifying and finding information that is relevant to the case amid the archived content.
Third, one of the biggest challenges we have is data sets and data sources that employees need to access on a continuing basis, but that contain data that changes every day. Imagine a database of active purchase orders. How can we preserve that information so nobody can delete a particular record, but so we don't necessarily have to go through the expense of capturing, collecting and trying to reconcile the collected ESI with updates as active data?
These three strategies dramatically reduce the volume of instructions that need to be given to custodians. We then reduce the complexity of collection, and custodians perform better because the instructions provided them are clear. As a result, there is less functional disruption to the business. We talked about lost opportunity costs in a previous webcast. That's where the expense begins to grow.
There are two remaining strategies that are a little simpler to describe, but probably a little harder to implement. The fourth strategy is to integrate the ongoing company need to produce discovery for legal actions -- whether they're internal investigations, litigation, regulatory enforcement actions, or mergers and acquisitions.
This need must be integrated into the contracting infrastructure for discovering historical records. Often, we find that custodians and third-party sources of valuable ESI that is technically within the control of the company have not been contemplated as part of the required service packages. Outsourcing, using cloud services, storing data with law firms, and using e-discovery vendors -- all of these are contract-intensive relationships.
More on this SearchCompliance webcast
When we don't contemplate e-discovery as part of the relationship when contracts are developed, services are rendered and fees are charged, it means that every one of these situations is being negotiated in crisis. Every one of those service providers knows how to exploit that to maximize their gain. If we begin to recognize that discovery of historical ESI is just how we do business, we can reduce the complexity of the collection process and reduce storage services' charges. We also receive better return on investment (ROI) on all the services that are provided, and there is less functional disruption to the business.
Finally, the fifth and biggest strategy is recognizing that information governance is now part of doing business. Our digital information is the fuel on which our companies operate. It is an asset -- not unlike our fixed assets, our money and our intellectual property. We recognize that this is no longer our mother's records management, but instead something much more complicated that involves four key tactics:
- Anticipating and defining our requirements for ESI and discovery.
- Building and expanding our management capabilities and metadata.
- Using technology, not just during litigation but as part of routine operations to automate the semantic indexing and classification of content so that we can find it sooner, faster and easier.
- Accelerating the disposition of non-relevant ESI.
This non-relevant ESI is not just the watercooler stuff, either. Beyond those communication channels such as email and IM, there's other ESI that just simply doesn't need to stay around. Recognize that legal expenses are offsetting what used to be thought as historically low storage costs. Again, these are the benefits: reduced complexity, reduced cost of collection, reduced spending on other duties as assigned, and reduced supervision and audit costs.
If we look at these five strategies in total, we can see that they all address the five unrecognized spending buckets with which we began, as well as the six spending buckets where spending is going up but which are outside of the traditional metrics being used to track e-discovery spending. By implementing these strategies -- both immediately and in future strategic planning -- I believe any corporation can dramatically reduce what they are spending on e-discovery and show ROI for implementing these strategies that is measurable, that is reportable and that is legally defensible.
Please visit SearchCompliance.com to view the rest of this webcast on strategies to lower e-discovery costs.