How to Move E-Discovery into the Enterprise: What Matters?
If you work for a company with more than $500 million in revenue, you are probably familiar with the problems of e-discovery. Your enterprise may routinely face five or more litigation matters each year. Plus, you probably have terabytes of unstructured information that you need to sort through just to find relevant information and place it on litigation hold.
Worse, that unstructured information is growing dramatically-at a rate of up to 80 percent a year in many enterprises. Unmanaged and unplanned-for e-discovery tasks increase both risk and headaches for legal, IT and business unit organizations. Outsourcing e-discovery to litigation services firms makes sense if you don't have much data or if you rarely face litigation. However, it doesn't make good financial sense as your organization grows. That's particularly true if you work in highly regulated and litigation-prone industries such as banking, insurance, energy or utilities.
Here are 10 tips to keep in mind when choosing an e-discovery solution. These tips will help you choose a solution that can get up and running quickly, and solve the problems you need it to, while paying for itself within months.
Tip #1: Make sure your solution is EDRM-compliant.
Make sure your solution covers the full breadth of the e-discovery process as defined by the industry's EDRM (Electronic Discovery Reference Model) standard. Your solution needs to cover everything from information management, identification, preservation and collection to processing and early case analysis. It needs to do all of this on its own, handing over only the smallest, legally defensible set of data to the legal review team. Otherwise, you'll have to cobble together multiple solutions from multiple vendors, which will only create a bigger headache for yourself. Not to mention the compromised audit liability point solutions present.
Tip #2: Insist on an open integration platform.
Insist on an open integration platform that supports various e-mail systems, storage systems, archiving systems, and content and document management systems. For instance, if you're in the process of migrating data from a Novell server to an EMC Celerra (or vice versa), you'll need something that can read files from both. Your solution should be able to read data from shared file servers, desktops and laptops (including Macs and PCs), as well as from content management systems such as Microsoft SharePoint and EMC Documentum. It should also be able to read data from storage systems such as EMC Centera, NetApp, Hitachi and IBM.
Tip #3: Implement without impacting productivity.
Ensure that when you implement your solution, you can execute without impacting employee productivity. Flexible job scheduling allows processing to occur after hours when employees aren't around. It's essential to be able to perform litigation hold without disrupting the production environment of your knowledge workers.
Tip #4: Work in conjunction with management policies.
When locking down documents for litigation hold, be sure your system works in conjunction with existing corporate records management policies. This way, you will be coordinated with ongoing IT data management functions such as data backup, migration and file expiration/deletion. Implementing an effective litigation hold strategy requires close coordination with your corporate records management policies so that documents responsive to an active legal matter are not inadvertently deleted.
Tip #5: Create a data topology map.
Be sure you can create a data topology map that identifies electronically stored information by a full complement of variables. These variables include system location, custodian, access time, size and content type. It's critical to be able to perform pre-discovery profiling of data so that you can manage it, know your liability and quickly respond to legal requests.
Tip #6: Make electronic data readily available.
Your solution will need to make available all relevant and responsive electronically stored information to legal, HR or audit teams prior to the completion of the collection process. Even while collection and preservation are ongoing, you should be able to call up information that's saved, indexed and relevant today.
Tip #7: Preserve the integrity of existing data.
Your solution should be able to interact with electronically stored information without changing the data. It's critical to preserve the integrity of existing data. Don't let your software alter document properties when copying or moving it because those properties themselves are important in order to maintain legal defensibility.
Tip #8: Keep the importance of audit logs in mind.
Check to see if your prospective solution can execute forensically sound collection policies while providing defensible and comprehensive audit logs. These audit trails show where data originally resided, what search terms were applied to collect it, and when copies of it were made. Attaching unique digital signatures to files (before and after they are collected) proves that none of the actions performed altered the original content.
Tip #9: Remember that rich search capabilities are vital.
Your solution needs to provide rich and sophisticated search capabilities. Are you able to search and identify terms and natural language concepts within files? Are you able to do so as well within e-mails and their attachments? You should be able to search on common metadata and simple text strings. In addition, you should be able to perform sophisticated natural language-based searches that can differentiate between Will (the name), will (the legal document) and will (the auxiliary verb). Accuracy provides the smallest legally defensible set of data to be reviewed by the legal team. This significantly reduces e-discovery time and costs.
Tip #10: Make it easy to deploy and maintain.
Be sure your solution is easy to deploy and maintain. If you have to spend weeks or months getting a system working before it can even begin accessing, categorizing and reporting on information, you're at a huge disadvantage. Ideally, look for a self-contained, out-of-the-box appliance. It should be able to combine hardware, software and storage and provide results back to you within 24 hours.
Bringing e-discovery in-house is a big step. Many organizations find that in doing it, they're able to save themselves hundreds of thousands of dollars. They dramatically reduce the time necessary to respond to legal requests. They're also better able to organize their own internal processes and data storage.
But finding the right solution is key. An incomplete solution that only addresses part of your needs, and only responds to yesterday's list of legal requirements, is bound to cause more headaches. So, take the time for thorough evaluation and make your decision carefully. You'll be glad you did.
Ursula Talley is vice president of marketing for StoredIQ, a leading provider of enterprise-class IIM (Intelligent Information Management) solutions that enable organizations to gain visibility and control over business-critical information in order to meet compliance, governance and legal discovery requirements. She can be reached at firstname.lastname@example.org.