Who’s in Charge of the Data Management Initiative for Your Company?
10 Steps toward Getting Your House in Order…
By Linda Sharp, Esq.
1. An Enterprise wide problem requires involvement across the enterprise: Get the whole team involved, this isn’t just a legal initiative! Compliance, IT, and records all need to be on the same page to ensure that data management policies are consistent throughout the company. Better yet, that they can actually be deployed! Sit down and ask yourselves: what are the specific needs for each business unit? How are you going to make sure all parties are satisfied when conflicts inevitably arise? For example, what if two different people “own” a document, but have different retention requirements? Hmm, how are you going to deal with that? How many copies of the same document are there going to be? Would a cloud or an on-premise solution be more appropriate? These are important questions to ask each group as you work through the process. Remember, creating a policy is nice, but if you can’t carry the policy across both paper and records, it isn’t worth the “paper” it’s written on.
2. Identify a data management strategy: Work together to figure out what kind of solution and policies best suit your company’s needs. What are your organizational requirements? What data types do you need to capture? You have to take into consideration the direction that the company is going. Is your industry ripe for litigation? Is the company growing via acquisition? These questions all play an important part in identifying your next steps.
Also, keep in mind that a solution isn’t a short term purchaseundefinedit is an investment. Don’t be the one that goes down a rabbit hole to later learn that the solution you have been looking at can’t effectively handle the data that you will likely need it to in the future, such as social media, Sharepoint, smartphones, and data in the cloud, to name a few. What is the effect on the company if you are looking at the wrong solution? There are many issues that can occur. For example, you may need to buy additional software with a different user interface (UI) to manage data sitting in Notes vs. Exchange vs. Google Mail. Ask all of the hard questions up front. If not, it will cost you more money later. With that being said, identify the data stores you need today and those that you should anticipate over the next 5-10 years.
Most importantly, just because you have a long standing relationship with a provider today, doesn’t necessarily mean that they are the right solution to take you into the next decade. Technology changes every single day and faster, more efficient and reliable technology has been delivered over the last few years. There are many providers out there. Unfortunately, you’ll need to truly understand their architecture to make the best decision. Was it built from the ground up to work together using the same data schema, same code? Or was it built via acquisition after acquisition and then cobbled together? What does this mean to your ability to effectively deploy the solution and support it going forward? Do your due diligence.
- Cloud v. On-Premise Solutions When it comes to managing data on premise vs. in the cloud, remember, it isn’t a one size fits all. Some data may be appropriate in a cloud environment, while other data may not. A hybrid approach may in fact best fit your company’s needs. Ensure that whatever application you are looking at to “manage” the information, uses the same application and UI (user interface) to retrieve data from disparate locations, including in the cloud. There are many applications on the market that profess to manage information in multiple locations, however, when you peel back the onion, you may find that they are various solutions that were cobbled together. This may increase operational costs, delays in retrieving information as well as affect the integrity of the data retrieved.
3. Craft retention policies: Before you can implement a data management policy, it is vital to first design retention policies that fit your organization, and your employees’ workflow. Look at industry standards, existing policies within your organization, and the advice of experts to design a retention schedule tailored to your company’s and employees’ particular needs. Ensure your organization keeps documents long enough to satisfy business and compliance requirements but not necessarily forever.
Remember, one of the biggest struggles that affect eDiscovery costs as well as IT initiatives has absolutely nothing to do with the business. Millions of dollars a year are spent by corporations doing document review and storing data that is employee personal information. From the “honey, pick up milk” email to the Amazon.com and eBay.com transactions. This ever growing volume of non-business related information has been known to represent over 50% of the data that corporations today are storing and manipulating. Design a retention schedule and set specific criteria that will that assist you in automating the elimination of this pure garbage from your data stores.
4. It’s all about RIM: Proper records management is key to ensuring retention schedules are carried out. When it comes time to select a solution consider whether you need automatic classification, manual classification, or both. For most companies, it makes sense to look for solutions that will allow for automated retention classification of documents based on rules that have been defined for specific content. Automated processes are available today that can assist employees in carrying out the very tedious efforts of any viable retention requirement.
Not only can it save a company millions of dollars per year in regained productivity time, but it also ensures that classifications are consistent across the enterprise for any given item. If a retention policy changes, it merely requires that you amend the retention period and all documents so classified are moved to their new classification period. But, automated classification may not work for everything, thus you’ll need a solution that offers you the ability to have manual as well as automated processes. It is also important to take industry regulations and standards into consideration. For example, are you regulated under DoD 5015, or just want to make sure that your organization meets this requirement? If so, you’ll need to look for a solution that meets these criteria.
5. Don’t forget disposition: Retention is only one side of the coin. Unless your e-mails and files are actually destroyed on time, a retention schedule means nothing! Don’t let old e-mails you thought were gone come back to haunt you! Instead, make sure you know how you are going to effectively dispose of the information. I have seen many companies implement policies without consideration of the way it is going to get carried out. For example, implementing policies that employees must personally manage all of their data may not work in your environment. If it does, at what cost to the company? For example, if you have 20,000 employees and each employee is to set aside 30 minutes per day cleaning up their electronic environment. 20,000 x 30 x 5 x 50 = 150,000,000 minutes / 60 minutes per hour = 2,500,000 hours per year. Assuming a blended rate of $20 per hour = $50,000,000 per year. Decisions that you make may cost the company dearly. If you select a solution that could automate even a portion of the disposition process, imagine the savings!
When thinking about disposition, it’s especially important to consider all of those places where you have allowed information to leave the enterprise. One of the biggest culprits is the data that was sent to outside counsel and then on to a service provider. Most recently the Southern District of New York, in the GenOn v. Stone & Webster matter reiterated that we are responsible for preservation and potentially production of information that is under the GC’s “legal or practical control”, including data with third parties. Where is your data? What processes have you adopted to ensure that information that is no longer needed for a particular matter has been purged. We know that on any given matter, roughly 5-10% is actually produced, yet, service providers will maintain all of the documents that were tagged “non-repsonsive” in the data store for the life of the matter all the while: 1) you are paying hosting charges and 2) that data remains ripe for preservation in other matters.
6. Get a firm hold on legal holds: Having a retention plan and a records management solution is all well and good, but it won’t help cure your eDiscovery headaches unless that solution deals properly with legal holds. Make sure the solution you’re looking at allows for easy-to-apply, defensible preservation holds. There are solutions on the market that allow legal users to apply legal holds to custodians or individual documents with one click. In addition, some solutions also allow you to send preservation notices and surveys to custodians. These are all features that can help make your job a little easier. However, it is best served if one application could meet all of your needs. This eliminates moving of information as well as data integrity issues.In addition, consider the importance of removing legal holds from irrelevant documents. Like the “where should we have lunch?” and junk e-mails mentioned before, preserving unnecessary messages indefinitely increases storage costs and often means you’ll be sifting through documents that otherwise should have been deleted. You should select a solution that allows you to easily (if not automatically!) lift a legal hold once a document is tagged as irrelevant. What seems like a simple concept can have enormous benefits in the long term. There is no need to keep paying to store information that is clearly irrelevant whether it is internal or external to the enterprise.
7. Collection and review simplified: Without a proper data management system in place, collection for eDiscovery can become a nightmare. Imaging hard drives, having to wait days for IT to search the Exchange servers, who wants that? By proactively archiving and indexing all of your company’s data before litigation arises, collection simply becomes a matter of searching the archive. Some solutions on the market even offer advanced search tools, such as proximity and concept searches, and various filters that can help legal find all responsive documents quickly and efficiently and reduce the amount of data that must be reviewed.
8. Minimize data movement: Why import and export data between five different programs if you can do everything on only one platform? As any eDiscovery professional who has ever imported terabytes of data only to have a bunch of error messages appear on the screen can tell you, moving data is a hassle and expensive. With all the new technologies that have been developed over the last few years, it is possible to reduce the amount of software required to perform all information management, collection, and review tasks. In fact, some archiving solutions even offer advanced review tools. Examine your current eDiscovery workflows and evaluate where there is room for improvement. Does collection take too long? Do you need a better search engine? Re-evaluate your current processes. Perhaps one solution that can meet all of these needs is the best way to go. There really is a better way.
9. Reduce review costs: It is no surprise that the costs associated with document review are absolutely staggering and companies quiver when they see the monthly review bill. What is the most effective way of reducing these costs? Well, predictive coding may taught that they have the solution and review companies indicate that they have a better workflow. The bottom line is, the only way to reduce review costs is to reduce the volume of information to be reviewed, without jeopardizing missing information. If we look to ways to “get our house in order”, eliminate non-business information and information that has passed its useful life, review costs will plummet. Then, apply better processes and technology to streamline the review. Now we’re talking!
10. Unified is the only way to go: The only way to ensure that your data management strategy is foolproof is by choosing a unified solution. If compliance, IT, legal, and records each store their data in separate places, it will ultimately lead to duplicate copies, disjointed retention, and inconsistent search results throughout the enterprise, not to mention the data that sits outside of the enterprise. That group of data you handed to outside counsel to then be delivered to a service provider. In order to make sure you are in control of your data and avoid any surprises during the eDiscovery process you’ll need everything to be stored in one repository. Work with the other stakeholders in your company to find one solution that will satisfy everyone’s requirements.
But How Do I Pay for This?
Well, I’m sure by now you are thinking, “This sounds nice, but we have no budget. Don’t you read the papers? We’re in a recession”. The truth of the matter is, you are already spending the money and often it is many times over what it would cost to take control over your data. For example, imagine being able to reduce storage costs by 1) eliminating duplicative data and 2) only maintaining data that has a useful business or legal purpose. Then reap the trickle down benefits of reducing eDiscovery costs by eliminating the need to replicate and hand over information to outside counsel to be stored again and again, all of which you are paying for over the life of the matter. If the data at issue across your matters were single instanced within your environment, how much would you save? How much risk would you be able to overt? Imagine, no more processing and hosting charges. Take a look at what you spent last year on the matters that you sent outside of the organization. The bottom line is, you are spending the money, several times over. It is about working smarter, not necessarily harder.
About the Author
Linda G. Sharp, Esq., MBA, is the Associate General Counsel for ZL Technologies. Her responsibilities include corporate legal matters and related legal product initiatives. Prior to joining ZL Technologies, Linda consulted with Fortune 500 companies and large law firms as an eDiscovery expert. ZL Technologies is a premier provider of archive solutions to resolve corporate initiatives to handle “Big Data and implementation of a total information governance strategy.