1. Have a Governance Model to control the eDiscovery process centrally.
Without an approved governance model, eDiscovery will be prone to failures associated with:
- Ill-defined roles and responsibilities, resulting in everyone doing everything or no one doing anything
- Inability to properly monitor the success of or adherence to policy and processes
- Inability to measure the effectiveness of policies and processes
- Inability to track the costs/benefits and properly budget for ongoing operational activities
- Inability to ensure that the eDiscovery strategy continues to align with business strategies
The program needs to encompass four core competencies: guiding/strategizing, designing/coordinating, executing, and monitoring. Each of these competencies is necessary to ensure a relevant and sustainable governance model.
- Who will guide the company by defining policy for eDiscovery and aligning it with Information Management / Enterprise Content Management policy?
- Who will design and coordinate processes to enable each business to fulfill their execution obligations consistently?
- Who within each business will execute and enforce the policies and processes?
- Who will audit and monitor adherence to the policies and processes?
2. eDiscovery is risky and costs money.
eDiscovery costs a lot of money. The primary costs occur at the review and the processing stage. The review stage is used to sort out responsive documents to produce and privileged documents to withhold. It is the time where the legal team can begin to gain a greater understanding of the factual issues in a case. 30-70 % of the eDiscovery budget is spent here. The processing stage must accommodate a wide variety of unstructured data, handle each form in a manner appropriate to its file type, and generate output that is structured in accordance with review requirements that often vary with law firm practices and client needs.
Risk is directly connected to costs. The most obvious risk is that emails, files, or paper are destroyed after a litigation hold has been called. Sanctions can be significant if this procedure is violated. Such sanctions include but are not limited to 1) Substantial fines, 2) Adverse inference instructions, and 3) Striking a Claim or Defense.
3. You need an email policy with a specific section on eDiscovery.
Your email policy should cover the aspects of eDiscovery. The section should describe what happens when your company is hit by litigation or by subpoena. It should state the mandatory process of litigation hold and all responsible contacts. But keep it simple and useable.
4. Use an accepted eDiscovery Framework.
Using an accepted framework helps your organization to speak the same language about the necessary task during the eDiscovery process. There are two common frameworks available:
- The Sedona Principles, focusing on fourteen best practices recommendations and principles of eDiscovery issues, including comments on their application
- The Electronic Discovery Reference Model (EDRM), guiding a common, flexible, and extensible framework for the development, selection, evaluation, and use of electronic discovery products and services. It can be used as the basis for comparison of your current eDiscovery practices
5. IT, Legal, Business, and Administration must work together.
Being forced by a court to produce tons of electronically stored information within a short time frame is the emergency case for IT, Legal, Business, and Administration Departments. All four departments are stakeholders within an eDiscovery process and must be recognized by the Governance Model. They must closely work together during the phase of document preservation, document collection, processing, review, analysis, and document production. All for one and one for all!
6. eDiscovery also an issue for European companies.
European companies, especially multinational global companies from different industries (e.g., Pharma, Automotive, Finance, or High-Tech), get hit by eDiscovery topics in the future. They will struggle with the challenges in meeting different language requirements and moreover to cope with different national and multinational regulatory requirements, e.g., German Data Protection Law, The Hague Convention on the Taking of Evidence Abroad in Civil and Commercial Matters, The EU Data Protection Directive with its Safe Harbor approach or the French Blocking Statute.
However, they are not ready for eDiscovery as BearingPoint´s survey of 2008 about email management states. Five hundred companies in Germany, Austria, and Switzerland were asked about their ability to provide within two weeks the complete correspondence (including all emails) to a transaction. 45% reported “yes, with huge costs," 15% stated “No," and 15% were not sure. Only 23% were confident they could meet the requirement.
7. Think of in-house vs. SaaS and hosted eDiscovery solutions.
During the current economic climate, it is helpful to think about a hosted email archiving and hosted review platform, in order to avoid spending budgets on an in-house solution. On the other hand, an in house solution is a preferred way to control the eDiscovery process.
8. eDiscovery is not only an email issue.
Although most litigation focuses on email, the changes driven by the Federal Rules of Civil Procedure (FRCP) do not focus on email alone. Email is just an example. Other content types on file shares and desktops are of importance, and the FRCP requires that all companies who conduct business in the U.S. must:
- Produce electronic information in its native format, with metadata intact (which precludes providing hardcopy of email, for example)
- Prove chain of custody for electronic information
- Ensure litigation hold policies are enforced
- Complete an exhaustive search of all electronically stored information (ESI), noting its description, category and location, prior to the first pre-trial discovery meeting (within 99 days)
- File an electronic discovery plan within 120 days of a complaint being filed in federal court
