Mark Karnick shares insights about the tech issues of preserving, collecting and producing digital information during a lawsuit’s discovery process.
Adding to the pressure on CIOs is the requirement that they educate themselves and their companies in e-discovery techniques, best practices and procedural requirements. Get it wrong, and there could be serious legal ramifications. A 2010 Duke University School of Law study noted a significant increase in the number of companies penalized for improper handling of ESI, most commonly for failure to preserve relevant data. As expected, defendants were found to have violated the rules far more often than plaintiffs. The penalties imposed by judges range from stiff fines to case dismissal or even default judgment. The study also revealed that courts are increasingly willing to impose penalties on companies even in instances where the mishandling of electronic data was unintentional.
Given these issues, what is a CIO to do? Here are a few important tips:
1) Work with your law firm—As CIO for a nationally recognized law firm, I often consult with the CIO and other IT department personnel of our clients to make sure the company’s in-house collection of e-discovery data is performed using defensible processes and procedures. Among other things, this means identifying all potential sources of discoverable data, ensuring that the data is formatted in accordance with court rules or an agreement between opposing counsel and, most importantly, ensuring that the discovery data is collected unaltered and intact with all relevant metadata. In addition, many law firms have begun to expand their e-discovery services due to the increasingly high cost and inflexibility of outside vendor services. Our law firm elected to make a significant investment in advanced e-discovery software products, giving us in-house processing capabilities that equal or surpass those of many outside vendors. This decision was driven primarily by our desire to create an efficient, responsive system that avoids the pitfalls of dealing with outside vendors and minimizes costs for our clients.
2) Carefully deploy e-discovery software—Companies that implement in-house e-discovery software must ensure that the software is deployed and configured in exact accordance with the manufacturer’s specifications. It is especially important to make sure that the software is able to access all of the relevant data sources and that the software’s internal search and indexing features are functioning properly. Once deployed, test the system vigorously.
3) Upgrade your existing tools—Software vendors are now adding e-discovery functionality to many of their existing products, especially in the areas of email archiving and document management. If you have an enterprise agreement that entitles you to version upgrades, it may be worthwhile to determine whether an in-place upgrade will provide new discovery-related features.
4) Beware of backups and disaster recovery (DR) tools—Some CIOs assume that they can use their existing backup and DR tools if they ever need to recover data for litigation purposes. This is rarely feasible; most backup products have limited search capabilities, and it is often very difficult to restore data from DR tools into production environments. In addition, this type of data recovery tends to be very time-consuming and expensive, and almost always has to be performed by outside forensic or DR vendors.