Preparing for an E-Discovery ShowdownBy Elizabeth Millard | Posted 2008-07-02 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce REGISTER >
Discovery in legal cases may require a whole lot more of your company's stored data than you know. And it's your boss, the CIO, who will be responsible for making that data available to the legal team. Here are some tips for mitigating the electronic discovery chain.
As a buzzword, "e-discovery" doesn't have much flash, but it does have plenty of substance─as those involved with litigation have discovered. Because so much corporate communication and information is stored in digital form, being able to retrieve that data quickly and affordably is helpful, but it's not always realistic.
Many organizations might store data in legacy systems or at off-site locations, and requests for specific e-mail, for example, could be expensive to locate, and may not even be relevant to the case. CIOs need to implement and enforce e-discovery protocols and infrastructure, but some believe many companies are woefully unprepared.
"What a CIO should be asking is, 'What happens if my company gets sued?'" says Tom Hathaway, an attorney who specializes in e-topics at law firm Clark Hill.
CIOs need to know several issues to be prepared in case litigation crops up and e-discovery looms large, and the first wake-up call is that e-discovery is expensive and time-consuming, Hathaway says. Although CIOs may be aware that there will be costs and effort, they tend to underestimate the effects of trying to manage ESI (electronically stored information) since there are so many avenues of communication.
For example, voice mail that is part of a voice over IP system could be subject to regulations, which means that the messages not only need to be stored, but also located if a request comes in as part of litigation.
Another Clark Hill attorney, Brian Ziff, has noticed that in the commercial litigation cases he handles, nearly every suit involves e-discovery to some degree, including contract drafts, purchase orders and e-mail. Just having recognition of the importance of ESI for e-discovery is an important first step that can be overlooked.
Once the recognition is in place, CIOs can prepare by working with in-house or outside counsel to get an understandig of current rules. Ziff suggests implementing a written plan that will outline how different departments will act and provide in the case of litigation.
"The rules of e-discovery don't require that you shut the company down completely in order to comply," says Ziff. "But they do require protocols. Sometimes, the only proof you might have of some data is that you tried to save it, but don't count on that being enough."
CIOs, in particular, will need to start this effort within a company to learn the rules and develop the procedures, Hathaway explains. "They're the first responders in many suits; they're the gatekeepers."