E-Discovery: Team EffortBy Elizabeth Millard | Posted 2008-07-02 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Discovery in legal cases may require a whole lot more of your company's stored data than you know. And it's your boss, the CIO, who will be responsible for making that data available to the legal team. Here are some tips for mitigating the electronic discovery chain.
Although e-discovery is driving more awareness of protocols and procedures at some companies, that doesn't seem to be the case in most firms.
Storage firm Kroll Ontrack performed a survey of in-house counsel, focusing on how they managed ESI in litigation and internal investigations. The study showed that only about 25 percent of U.S. in-house counsel claim to be fully up-to-speed with all case law, developments and regulations related to ESI, and the percentage is even smaller in the United Kingdom, the other country covered by the survey. Of all respondents, about half noted that they don't have any ESI policy.
Although the survey covered just in-house counsel, respondents reported that primary responsibility for ESI strategy development could be found in other departments. About half the companies had in-house counsel as the ESI leaders, but among the others, those accountable might include CIOs, IT managers, CFOs, HR managers and compliance officers.
"The most interesting part here is where the blame gets put if something goes wrong with e-discovery," said Michele Lange, Kroll Ontrack director. "In-house counsel tends to blame the CIO as well as themselves if the company is sanctioned, even if the CIO isn't directly responsible for setting the policies."
She suggests that CIOs create a data map of the company to show how data is being transferred inside and outside the firewall, and also where it's being stored. "How accessible is this data if you have to produce it in litigation?" she notes. "Is it something that requires a Herculean effort to get to, or can you get it fairly inexpensively? These are the kinds of questions to ask during a tabletop drill, when you go through hypothetical situations."
Another strong approach is to develop a team-based effort, in which C-level executives and department heads from HR and accounting are brought together to learn about how to store information, Hathaway says.
It won't do much good, for instance, if the CIO has a stellar storage strategy in place, but HR and accounting are digitally shredding all documents more than a few months old. And if it's found that information has been erased, it could be even more damaging to a case than if it's used by the other side, Ziff adds.
"You're almost highlighting it by deleting it," he says. "These days, if other departments aren't properly trained by CIOs in how to handle potential litigation situations, all they're doing is creating liability."
What e-discovery preparation essentially boils down to, Hathaway believes, is the CIO's ability to emphasize that all information is company property, whether it's a voice mail, text message, or personal e-mail on the company's network.
Staying current on regulatory policies, creating a plan for information retrieval, and training departments on proper document and communication preservation can go a long way toward dealing with e-discovery, rather than getting derailed by it.