1. Have a Governance Model to control the eDiscovery process centrally.
Without an approved governance model, eDiscovery will be prone to failures associated with:
The program needs to encompass four core competencies: guiding/strategizing, designing/coordinating, executing, and monitoring. Each of these competencies is necessary to ensure a relevant and sustainable governance model.
2. eDiscovery is risky and costs money.
eDiscovery costs a lot of money. The primary costs occur at the review and the processing stage. The review stage is used to sort out responsive documents to produce and privileged documents to withhold. It is the time where the legal team can begin to gain a greater understanding of the factual issues in a case. 30-70 % of the eDiscovery budget is spent here. The processing stage must accommodate a wide variety of unstructured data, handle each form in a manner appropriate to its file type, and generate output that is structured in accordance with review requirements that often vary with law firm practices and client needs.
Risk is directly connected to costs. The most obvious risk is that emails, files, or paper are destroyed after a litigation hold has been called. Sanctions can be significant if this procedure is violated. Such sanctions include but are not limited to 1) Substantial fines, 2) Adverse inference instructions, and 3) Striking a Claim or Defense.
3. You need an email policy with a specific section on eDiscovery.
Your email policy should cover the aspects of eDiscovery. The section should describe what happens when your company is hit by litigation or by subpoena. It should state the mandatory process of litigation hold and all responsible contacts. But keep it simple and useable.
4. Use an accepted eDiscovery Framework.
Using an accepted framework helps your organization to speak the same language about the necessary task during the eDiscovery process. There are two common frameworks available:
5. IT, Legal, Business, and Administration must work together.
Being forced by a court to produce tons of electronically stored information within a short time frame is the emergency case for IT, Legal, Business, and Administration Departments. All four departments are stakeholders within an eDiscovery process and must be recognized by the Governance Model. They must closely work together during the phase of document preservation, document collection, processing, review, analysis, and document production. All for one and one for all!
6. eDiscovery also an issue for European companies.
European companies, especially multinational global companies from different industries (e.g., Pharma, Automotive, Finance, or High-Tech), get hit by eDiscovery topics in the future. They will struggle with the challenges in meeting different language requirements and moreover to cope with different national and multinational regulatory requirements, e.g., German Data Protection Law, The Hague Convention on the Taking of Evidence Abroad in Civil and Commercial Matters, The EU Data Protection Directive with its Safe Harbor approach or the French Blocking Statute.
However, they are not ready for eDiscovery as BearingPoint´s survey of 2008 about email management states. Five hundred companies in Germany, Austria, and Switzerland were asked about their ability to provide within two weeks the complete correspondence (including all emails) to a transaction. 45% reported “yes, with huge costs," 15% stated “No," and 15% were not sure. Only 23% were confident they could meet the requirement.
7. Think of in-house vs. SaaS and hosted eDiscovery solutions.
During the current economic climate, it is helpful to think about a hosted email archiving and hosted review platform, in order to avoid spending budgets on an in-house solution. On the other hand, an in house solution is a preferred way to control the eDiscovery process.
8. eDiscovery is not only an email issue.
Although most litigation focuses on email, the changes driven by the Federal Rules of Civil Procedure (FRCP) do not focus on email alone. Email is just an example. Other content types on file shares and desktops are of importance, and the FRCP requires that all companies who conduct business in the U.S. must: