NOT READY FOR PRIME TIME?
- data that is not collected properly may need to be collected again
- custodians who are missed the first time around may be gone (with their data) when most needed
- data might be collected from duplicate sources, or even collected twice from the same course
- huge volumes of data may be collected, processed, searched and reviewed unnecessarily
- critical repositories of relevant information are easy to miss
- if the integrity or authenticity of produced data is challenged, no adequate response may be forthcoming due to the lack of process and documentation
- the whole e-discovery process is tinged with panic which puts you at a disadvantage
- legal fees and commercial vendor bills escalate out of control as more work is delegated
If e-discovery is treated as an emergency then you are not prepared.
GETTING STARTED – THE CRITICAL ELEMENTS
- Compliance with applicable records management and admissibility standards (ISO 15849 and many other standards and best practices listed here, CAN/CGSB 72.34). Proper records management is the foundation of the E-discovery Reference Model and the Information Governance Reference Model.
- Document retention policy updated to include electronic records. Many organizations have figured out retention periods and practices for document destruction – but these rules are usually impossible to apply in the case of unstructured data and e-mail. You need a new philosophy, perhaps best expressed today in the Capstone approach of the US government.
- Current data inventory and map. Many organizations store information in a variety of decentralized locations and applications. Users often have the ability to create undocumented data repositories. Getting a handle on where data resides and what format it is in can be crucial for a quick and effective litigation response. Moreover, it is usually these undocumented repositories where damaging records may reside. In one recent case, a party “forgot” to check its project document repository for relevant records. “During oral discovery, Sapient questions a Siemens representative on a document that was never produced. When pressed, Sapient admits that it inadvertently neglected the ResultSpace repository. In October 2012, two years after production was supposed to be complete, Sapient produces another 20,000 documents – effectively doubling its production.” Siemens Canada Limited v. Sapient Canada Inc, 2014 ONSC 2314.
- Policies, procedures and audit for backup and archive. Every organization has procedures for backing up data. But here are a few realities:
- Backup procedures are often put into place by the IT department, and often using default configurations, without regard to records management policies (if those even exist)
- Backup procedures, if documented, are often not followed in practice because IT staff are reluctant to “delete” anything that might conceivably be needed in the future
- Without an effective archive and backup policy, duplicative, legacy and documents long thought to be deleted are now a very active part of the e-discovery project
- Litigation hold policy, procedure and precedent. You know your organization best. While outside counsel can assist with drafting the legal content of a hold, your legal hold should be based on a precedent that fits the records management procedures used by your custodians.
- Collection process, documentation and oversight. It is often not necessary for an outside computer forensic specialist to image hard drives and collect data. However, unless your staff are trained in the appropriate processes, are provided with the appropriate tools, and have developed the habit of documenting what they do, costly outside services will always be recommended.
- Awareness and training. When custodians (users) receive a legal hold notice – do they know what to do? When the IT department is asked to search for documents or emails in a certain date range, do they know what to do? Or will they wing it? Everyone on the litigation response team must be trained like firefighters, and anyone who might be affected by an e-discovery project should be comfortable with the process.
- Testing and updating. Any response plan must be tested, modified accordingly, and updated regularly.
- Planning, communication and reporting. E-discovery usually involves internal staff from IT, records management, legal and operations. It also involves outside counsel, and may involve commercial suppliers. It is critical that all parties are in touch regularly when a response is triggered.
- Cross-disciplinary team with connections to outside counsel. Appointing a single paralegal or lawyer as the litigation response case manager is a great idea, and the strongest response is planned and executed by a cross-disciplinary team. The larger the organization, the larger and more diverse team is indicated.
Litigation Response Plan – series of videos and documentation from US lawyer Tom Howe. http://www.litigationresponseplan.com/
Stephen O’Leary – Litigation Response Planning. http://web.simmons.edu/~wilczek/ediscovery/oleary-armaboston.pdf
Government of Alberta, Litigation Readiness and Information Management, http://www.im.gov.ab.ca/documents/imtopics/Litigation_Readiness_and_IM_Tip_Sht_1.pdf.
Litigation Response Planning and Policies for E-Discovery, http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_036581.hcsp?dDocName=bok1_036581
Richard Medina, How to Develop and Implement Your Discovery Readiness Program – http://www.cmswire.com/cms/information-management/how-to-develop-and-implement-your-discovery-readiness-program-020464.php.