8 Things You Need to Know About Preservation of e-Documents for Litigation and Regulatory Investigations
As regulators and courts increasingly exercise their oversight powers, it can be expected that they will hold organizations accountable to explain the evaluations which underpin their ESI (Electronically Stored Information) preservation protocols.
The business impact of this heightened level of regulatory and judicial scrutiny is that enterprises that ignore the ESI preservation risks inherent in local and remote working, as well as the management of employee Web 2.0 communications, do so at their peril. Since over 93% of enterprise records are electronic, and the volume and mix of data types are exploding, millions of electronic documents are now routinely collected from all locations where an organization has custody, control, or access to electronic documents – be it in London, Lima, or Timbuktu.
The dynamic nature of ESI means that critical documents can easily be overwritten, modified, destroyed, or corrupted during normal use. It does not matter whether this happens accidentally or maliciously. The result is the same – loss of potentially relevant evidence giving rise to probable criminal penalties, fines, or court sanctions for spoliation.
The following tips may provide useful guidance:
Dig your well before you are thirsty.
The Chinese proverb “dig your well before you are thirsty” is particularly apt. Be proactive and establish a transparent, documented, and defensible methodology for the preservation of ESI once a regulatory investigation or litigation is foreseeable. This process should be driven by senior stakeholders from legal, IT, records, and compliance.
Define your information management framework.
Implement an effective information management framework that ensures that records generated by the business are kept and destroyed in a legally compliant manner. This structure will generally provide a consistent methodology and the volume thresholds in which data is deleted, overwritten, or stored to off-line or back-up systems.
The metadata associated with an electronic document can be just as important as the data in that document because it establishes the context in which the electronic content was created. The courts and regulators expect that the metadata associated with ESI will be kept intact.
Implement an IOA strategy.
Implement an information organization and access (IOA) strategy as the essential cornerstone of the above procedures. Your organization’s ability to systematically create, implement, and administer a holistic information management and compliance strategy is critical.
Constantly monitor custodian based-retention practices.
Employees tend to store data in the most convenient manner, regardless of policy. Portable media or storage devices can now hold vast amounts of data, which can exist at any given time only on that device. Along with Web 2.0 social networking platforms, they can be crucial in establishing relationships, timelines, and exceptions to hearsay objections. Remember that different functions handle data in different ways. For example, mahogany row executives often deploy private email systems that are known only to a handful of people. You must guard against the concealment of such potential sources of ESI.
Deploy archiving technology.
Deploy archiving technology that meets evolving data retention and preservation obligations, and don’t rely on backup tapes as an archive.
Centralize and consolidate preserved ESI.
Centralize and consolidate preserved ESI into one or just a small number of repositories if your organization is routinely involved in litigation or regulatory investigation or as soon as you anticipate any of these events. This will reduce the cost and disruption normally caused by the e-disclosure process.
Develop a transparent and consistent process for ingesting preserved ESI.
Develop a transparent and consistent process for ingesting preserved ESI back into an enterprise archive once the investigation or litigation is fully concluded.
About John Mancini
John Mancini is the President of Content Results, LLC and the Past President of AIIM. He is a well-known author, speaker, and advisor on information management, digital transformation and intelligent automation. John is a frequent keynote speaker and author of more than 30 eBooks on a variety of topics. He can be found on Twitter, LinkedIn and Facebook as jmancini77. Recent keynote topics include: The Stairway to Digital Transformation Navigating Disruptive Waters — 4 Things You Need to Know to Build Your Digital Transformation Strategy Getting Ahead of the Digital Transformation Curve Viewing Information Management Through a New Lens Digital Disruption: 6 Strategies to Avoid Being “Blockbustered” Specialties: Keynote speaker and writer on AI, RPA, intelligent Information Management, Intelligent Automation and Digital Transformation. Consensus-building with Boards to create strategic focus, action, and accountability. Extensive public speaking and public relations work Conversant and experienced in major technology issues and trends. Expert on inbound and content marketing, particularly in an association environment and on the Hubspot platform. John is a Phi Beta Kappa graduate of the College of William and Mary, and holds an M.A. in Public Policy from the Woodrow Wilson School at Princeton University.