
eDiscovery: Every CIO's Dreaded Call


David Otte, CIO, Bingham Greenebaum Doll LLP, David E. Otte serves as the Chief Information Officer of Bingham Greenebaum Doll LLP. As the CIO, David has reengineered the entire infrastructu... More >>
E-discovery requests are rarely straightforward and tend to evolve. However, if proper processes, communications, and project management are leveraged with a few IT best practices, e-discovery requests need not shut-down IT to address what always seems to be an urgent request. Make no mistake, an e-discovery request impacts operations and is rarely easy, but taking some of the following proactive steps can minimize disruption to IT and the company while supporting the efforts of your General Counsel. Moreover, these steps can save significant amounts of time, money, and resources for the company.
First, the company must have an open, thorough dialogue about the nature of requests and the expectations related to production. Communication between senior IT leadership such as the CIO and OGC needs to be established before the request. There needs to be a common understanding and education from the OGC to the CIO as to what types of requests may come in (and why), as well as education from the CIO to the OGC as to the types of data IT maintains, where the data is located and operational activities (including backup procedures and retention policies) that might impact the preservation or recovery of the data for the request. Further, it should be emphasized that establishing a true “relationship” benefits both IT and counsel. When a request comes in, they should work as a team and not simply as order giver (counsel) and order taker (IT). Again, all of this should be done long before the first e-discovery request is received (or at least the second request) as history will tend to repeat itself over-and-over again, causing needless and ongoing friction between IT, counsel and the business.
Second, representatives from all areas of the company should assemble a comprehensive data map. Best Practices for IT’s organization, management of systems, and data require at least basic documentation as to the document stores (e.g., email, document management system, financial data, Human Resources, Custom Sales Relationship (CRM), etc.) whether it be onsite, cloud or with a vendor. Further, you need to be able to map the data to the applications that leverage the information.
"Once an e-discovery request comes in (or arguably when reasonably anticipated) this is not and should not be the time to start executing a retention policy from an IT perspective"
This may seem very simple, but even in small organizations, these data stores are probably no less than several dozen and the applications or systems supporting the information are probably several hundred; these numbers can grow exponentially depending on the size of the company, its customers and its segments. Adding to the complexity is discussing with counsel where the data may reside outside of data stores in your traditional back office data center, such as non-company owned devices (e.g. home computers, smartphone, tablets, portable storage, etc.)The complexity of actually knowing what is stored on those non-company owned devices can be alarming!
Third, general counsel should be consulted regarding the data processing, storage, and retention policies. I recommend starting simple but broadly, working with your general counsel so they have an appreciation for the data sources and applications, as well as operational activities which may impact the data for potential e-discovery requests. Although your general counsel has probably been consulted on the duration you are retaining data, from a legal and records management perspective, this is a good time to make sure IT, the general counsel, and the business owners/departments ensure they are on the same page with regard to retention policies. For instance, if you are keeping email, financial, sales, HR and other data forever, this could not only be costing your company significant dollars from an IT operational perspective, but also needlessly exposing your company to an e-discovery fishing expedition by opposing counsel.
Once an e-discovery request comes in (or arguably when reasonably anticipated) this is not and should not be the time to start executing a retention policy from an IT perspective. Policies, procedures, and the execution should be placed into operations via a well-documented, defined manner and supportable program in conjunction with your general counsel long before the first request comes to IT.
Once IT and counsel have established good communications, a common understanding of the data stores, applications, and IT operational processes including retention, you have a good start of a basic e-discovery process. However, there is much more involved in a well-defined e-discovery program than a common understanding, including how the requests come to IT from counsel, the structure of the requests, the expected delivery format, timing, who should execute the requests, who/what communications to the business/ end users if necessary, preservation, chain of custody and discussing when it might be necessary to hire outside experts to search systems such as individual PCs, laptops, smartphones, tablets, etc. These are all areas that need thorough review with counsel and the development of detailed checklists, processes, and procedures. All of these planning steps need to occur before you even start exploring the ever expanding number of technologies and tools to assist with discovery. Otherwise, you are investing in expensive technology before understanding what you are trying to accomplish.
With that said, as with most business IT problems, “there is an app for that,” however, I’ve purposely kept the scope of this article to the people and process side of e-discovery. There are a myriad of products that help identify data stores to applications which may help streamline some of the efforts recommended above. Further, there are countless e-discovery applications and service providers who can provide tools to help identify, collect, and ultimately assist lawyers with the review and production to counsel. These tools and service providers can be critical components to any long-term e-discovery program. However, without the building blocks of a solid relationship and understanding between IT/CIO and the company’s legal team/OGC, it will be difficult (if not impossible) to determine what tools and technology will be needed. Hence, tools and technologies are not necessarily the starting point, and they are definitely not a substitute for a common understanding of business legal needs and the IT operations as jointly understood by two critical business functions – IT and Counsel.
ON THE DECK

Featured Vendors
Expert-Nation.com Network: “Facts Matter,” and Subject Matter Expert Witnesses Bring the Facts from Expert-Nation.com Network
Canon Business Process Services: Timesaving, Cost-Effective Litigation Support Services and Technology for Law Firms
EDITOR'S PICK
Essential Technology Elements Necessary To Enable...
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
Comparative Data Among Physician Peers
By George Evans, CIO, Singing River Health System
Monitoring Technologies Without Human Intervention
By John Kamin, EVP and CIO, Old National Bancorp
Unlocking the Value of Connected Cars
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
Digital Innovation Giving Rise to New Capabilities
By Gregory Morrison, SVP & CIO, Cox Enterprises
Staying Connected to Organizational Priorities is Vital...
By Alberto Ruocco, CIO, American Electric Power
Comprehensible Distribution of Training and Information...
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
The Current Focus is On Comprehensive Solutions
By Sergey Cherkasov, CIO, PhosAgro
Big Data Analytics and Its Impact on the Supply Chain
By Pascal Becotte, MD-Global Supply Chain Practice for the...
Technology's Impact on Field Services
By Stephen Caulfield, Executive Director, Global Field...
Carmax, the Automobile Business with IT at the Core
By Shamim Mohammad, SVP & CIO, CarMax
The CIO's role in rethinking the scope of EPM for...
By Ronald Seymore, Managing Director, Enterprise Performance...
Driving Insurance Agent Productivity with Mobile and Big...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
Transformative Impact On The IT Landscape
By Jim Whitehurst, CEO, Red Hat
Get Ready for an IT Renaissance: Brought to You by Big...
By Clark Golestani, EVP and CIO, Merck
Four Initiatives Driving ECM Innovation
By Scott Craig, Vice President of Product Marketing, Lexmark...
Technology to Leverage and Enable
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
AI is the New UI-AI + UX + DesignOps
By Amit Bahree, Executive, Global Technology and Innovation,...
Evolving Role of the CIO - Enabling Business Execution...
By Greg Tacchetti, CIO, State Auto Insurance
Read Also
Disrupt Your Legacy Application Portfolio to Improve Security And...
Why a Credentialing Strategy Must be Part of Your Digital Strategy
The Convergence of IT with the Internet of Things Innovation
It’s On People: The Undeniable Cultural Impact in a Digital...
A Promising Road Ahead for Insurtech
Bolloré Logistics Australia becomes a global leader in the use of...
