The total amount of data created in the world is multiplying every year, and it’s predicted to reach 59 zettabytes (one trillion gigabytes) by the end of 2020, according to Statista. With that number expected to nearly triple by 2024, data management will naturally become more challenging.
Unfortunately, many organizations handle eDiscovery like a fire alarm – reacting quickly in the moment and handling it differently for every case, wasting untold millions in unnecessary costs. A much better strategy is to have a pre-defined eDiscovery workflow and process established within your company.
Knowing that, it’s more important now than ever to have a handle on your company’s electronically stored information, in case you find yourself involved in litigation or an investigation. Typically, the onset of litigation will trigger the need for electronic discovery, or eDiscovery – identifying, preserving, collecting, filtering, reviewing and producing relevant data.
Unfortunately, many organizations handle eDiscovery like a fire alarm – reacting quickly in the moment and handling it differently for every case, wasting untold millions in unnecessary costs. A much better strategy is to have a pre-defined eDiscovery workflow and process established within your company. When you’ve made eDiscovery a standard, efficient business process, you’ll find that when litigation occurs, the stress and disruption within the company will be minimal, as will the time and money you’ll have to spend.
Here are the steps you should take now:
1. Know Where Your Data Is
Start by creating a detailed map of data within your company. It’s important to know what systems and data types you have, where they reside, who has access to them and what information they contain. This includes more than files on computers. It should extend to emails, text messages, CRM solutions, cloud platforms, photos, social media posts and more. A good way to start is by sending each of your employees a Custodian Questionaire (CQ). The CQ answers will help you create a more accurate data map, which will help you define your overall process and ensure that relevant data is properly and efficiently gathered when needed.
2. Set Up an eDiscovery Team
By the time an eDiscovery request comes in, you should already have established who will be involved. Detail who is on the team and what their roles are, and include the roles of IT professionals, outside counsel, and other partners and consultants. For example, determine who will administer litigation holds, who will collect electronically stored information, and who will review and tag documents. Defining those roles well in advance will make it easier to successfully start and manage the process when the need arises and eliminate the expensive and disruptive fire drill chaos that happens when such advanced planning is not in place.
3. Outline Procedures
Write out the steps for working with data and define the roles for each step. You should have established policies and defined workflows for handling legal holds, responding to compliance requests, securely and defensibly collecting data, ensuring quality control and more. Take the time to research and design the best methods for your company. Allow for some flexibility, since every case may have a different set of needs and requirements. You may also want to include policies that address what kind of data is archived and for how long, as well as when and how it is securely deleted. It may be beneficial to work with an outside eDiscovery expert to make sure your procedures are set up comprehensively and defensibly. These policies will empower your company to maintain authority over your data and deliver consistent results during litigation or an investigation.
4. Choose a Comprehensive Platform
There are a variety of technologies available to help you with eDiscovery. I recommend using as few as possible to mitigate risk and ensure data integrity and security. This step may involve some research and working with an eDiscovery technology consultant to find the right solutions for your needs. Ideally, there is one platform that can facilitate legal holds, data collection, initial filtering and preliminary analytics. That platform should collect data in a forensic manner and encrypt it immediately. It should also ensure the data can be seamlessly transferred to a second platform for attorney document review. The review platform will be used for tagging and coding documents, redactions, marking files as privileged and other needs. Look for one that allows plug-ins so you can have access to additional functions like technology-assisted review, advanced analytics, data visualization and other features without moving data in and out of multiple systems. Additionally, ensure these platforms are comprehensive, scalable and secure.
5. Create a Consistent Review Team
The document review process is essential to eDiscovery, but it can be time-intensive and expensive. Determine who will oversee the review, as well as who will conduct the review or if you will hire people to do that. It’s important to set up a regular review team to guarantee that matters are handled consistently and correctly, matter over matter. This will also save you the time of finding, vetting, hiring and training new contract attorneys for every new case. If you are not able to have in-house reviewers, you can outsource to a full-time review team, which will have procedures in place to ensure accuracy, efficiency and quality.
6. Set Up a Document Repository
Once you have collected, filtered and worked with your data, it should be saved in a centralized location. This will prevent duplicate efforts on a future case or accidentally providing a file that was previously marked as privileged. A data repository allows you to leverage both your work product and legal spend across multiple matters. It also provides an additional level of data security.
Once eDiscovery is set up as a standard business process, you can be proactive and stay in control of your data throughout a potential investigation or lawsuit. In addition to eDiscovery, these steps help with information governance, data security and regulatory compliance. Planning ahead now will save you time and money later, and you’ll be prepared to respond to any legal matters efficiently, effectively and defensibly.
Brian Schrader, Esq. is president & CEO of BIA (www.biaprotect.com), a leader in reliable, innovative and cost-effective eDiscovery services and digital forensics. With early career experience in information management, computer technology and the law, Brian co-founded BIA in 2002 and has since developed the firm’s reputation as an industry pioneer and a trusted partner for corporations and law firms around the world. He can be reached at bschrader@biaprotect.com.
