corporate ediscovery: an inside perspective
DESCRIPTION
While corporations, law firms and service or software providers have the same ultimate ediscovery objectives, specific priorities, strategies, and tactics used to achieve these goals are often enormously divergent. Get a glimpse into what drives in-house ediscovery decisions behind information management, budgeting, preservation, collection and document review.TRANSCRIPT
Corporate Ediscovery: An Inside Perspective
Proprietary 2
Discussion Overview
Introduction—What Drives Decision-Making?
Data Management
Regulatory Compliance
Social Media Control
IT and Legal Departments
3
Introduction—What Drives Decision-Making?
While corporations, law firms and service or software providers have the same ultimate ediscovery objectives, specific strategies used to achieve ediscovery goals are often enormously divergent
» Today, we focus on what can be gleaned from the corporate perspective
4
Introduction—What Drives Decision-Making?
As Big Data gets bigger, effective ediscovery practices are more important than ever
5
Data Management
Important because:
6
» Data is an asset that holds value for the organization, which has a duty to stakeholders to manage data effectively to maximize profit, control cost and ensure the vitality of the organization.
Electronic
information
must be
preserved
whenever
litigation is
reasonably
anticipated
7
Keep tabs on data with a comprehensive list of potential data sources, including:
» Business and personal:
E-mail accounts
Computers, iPods, flash drives
Phone calls, voicemail, Skype
Databases, cloud services
Network servers, structured data systems
Social media sites
Text messages, instant messages
Document management tools
» Rule of thumb: anything with memory
Data Management
Data Management
Corporations balance legal and regulatory compliance with business efficiency
» Big Point: All organizations must find a way to retain required records, and also appropriately dispose of non-essential data to free storage space and prevent risks associated with over-retention
Retention Disposal
8
Regulatory Compliance
Law firms should be aware that corporations must deal with strict government oversight on data
Various state and federal regulations, such as Sarbanes-Oxley, SEC 17a, Gramm-Leach Bliley Act and HIPAA, pose strict data retention requirements
» Organizations should adopt a records retention policy and retention schedules that establish governance and compliance with applicable regulations
» Legal cannot simply hand a records compliance policy to IT and business managers—the key is implementation
9
Regulatory Compliance Personally Identifiable
Information (PII)
10
» There are a number of state and federal laws that place tough regulations on organizations that store personal identifiable information (PII)
– Important to proactively approach data security breaches by implementing an incident response plan
– Stay up-to-date on applicable privacy laws
Regulatory Compliance We can anticipate a steady increase in regulatory
enforcement over the next few years
» SEC imposes new regulations—all organizations must keep watch
» Congress passes financial sector reforms in response to mortgage and credit crisis
» Government reacts to recent disasters in the energy industry and pressure for reform continues
11
Social Media Control
In 2011, a global survey of companies found:
» A majority of companies surveyed plan to increase spending on social media
12
» More than 80% of companies are using social media to communicate with potential clients and drive new business
Social media presents opportunity, but also risk
Source: Corporate Social Media Spent to Increase Among B2B Companies Globally According to Worldcom Survey, WORLDCOM (May 11, 2011), http://www.worldcomprgroupemea.com/category/social-media/.
Social Media Control Do social media the corporate way—
develop a social media policy that clearly identifies what is and is not acceptable
» No “one size fits all” approach
» Policy reflects both corporate culture and law
– Must understand:
• Your company’s brand
• Tolerance for dissent and risk
• Relationship with workforce
» Balance those factors with what the law requires/allows
13
IT and Legal Departments
Repetition, Repetition, Repetition
» Corporations strive to create repeatable ediscovery processes that streamlines the efforts of the IT and Legal Departments—translated for law firms, this means ditch the ad hoc approach!
14
IT and Legal Departments
A meeting a month keeps the sanctions away
Law firms should similarly streamline their infrastructures to handle ediscovery issues
15
» Update the organization’s data map
» Establish clear guidelines about litigation holds
» Discuss pending and potential ediscovery projects
» Communicate about data custodians, locations, data retention policies, and litigation hold procedures