Information governance greatly affects the volume and content of data accessible to an organization
Information Governance and Document Retention
eDiscovery applications and technology enable organizations to pull information and records from the massive volumes of content that span the enterprise, including emails and eliminate exact copies to reduce the effort and cost of reviewing the remaining content. This can be costly and time consuming. The best practice is to prepare before you have to act. The costs and management of eDiscovery can be lowered and managed through the implementation of a records management program and the use of Electronic Records Management (ERM) system.
In summary, the following outlines the most important policy issues and their importance:
- Information without business value must be disposed of according to policy and in the normal course of business.
- Records that have value to the organization must be stored and managed properly, under the control of the organization.
- A classification scheme providing an information and records management structure must be implemented for consistency and control.
- Records that are no longer needed must be destroyed in a systematic and documented way.
Remember that eDiscovery is just a more recent form of traditional Discovery with different (and more voluminous) media. Identifying the data requires the same understanding that it always has; it just means using some more updated tools and requires some improved planning.
Information governance and data preservation are challenging systems to deploy given the rapid increase in data volume, types and locations in today’s marketplace. However, it is something that should not be ignored because it can save millions of dollars and dramatically reduce the volume of data that is discoverable at any given time. The key to an effective data defensibility program is participation and buy-in from all stakeholders; from the CEO down to Legal, Operations, IT and HR. With the correct committee of people and a clear corporate mandate in place, it can (and should) be done.
In order to begin planning for a corporate-wide information governance program, there are a series of preliminary steps that should be undertaken:
- Know Where All Your Data is Located
While it seems like an obvious issue, it a not necessarily an easy task to perform. Legacy data has been accumulating for years. Systems have been partially replaced and satellite offices often have separate systems. Very few companies have moved everything to the cloud. Add to that the fact the increased number of new data types such as: mobile, chat/messaging apps, cloud services, and social media postings, all of which require different approaches to preserve than “standard” email and document storage. It is hard to get a handle on all the forms of communication in use by different divisions within a company, making identification and location the first logical steps.
- Create a Strong Working Group
- Update Existing (or Create) Data Management Policies
- Develop a Collection Plan
- Understand the Scope of the Request
Spending some time evaluating the scope of the collection need beforethe plan is implemented is time well spent. This evaluative process and pre-planning will result in efficiencies down the line. Refrain from the impulse to “get started immediately” and make sure that the Working Group is involved in the scope evaluation. Creating a list of exactly what is needed for a particular response would include decision points on items such as: how many disparate sources of data may need to be captured (email, data files, chat messaging apps, social media postings, mobile data, unstructured data and/or legacy content; custodians that require hold notifications, responsive date ranges, and perhaps most importantly responsive categories of documents. Remember that courts are frowning on fishing expeditions that are too broad in scope and are requiring requesting parties to be more focused in their requests. Make sure the legal team reviews the plan before you get started.
- Collection Execution