CIOREVIEW >> Legal >>

Powering E-discovery through Information Governance

By CIOReview | Friday, June 23, 2017

Devices connected to the internet are already double of human population and is expected to outnumber people by 3:1 ratio in 2020. However, it was not until Amazon’s Alexa was used as evidence in a trial earlier this year that the gravity of this information was comprehensible. Electronically Stored Information (ESI) can act as a rich fodder to a multitude of purpose including legal proceedings. It also is an enormous battlefield for big data analytics, which can draw meaningful insights out of the huge amount of data. To utilize its broad capabilities, a governance framework is a must. Information governance (IG) entered the scene soon after digitalization of documentation actualized. There are many definitions that are put forth that resonate with the commentaries of technology evangelists but a concrete definition isn’t available. The Sedona Conference advanced the following definition of Information Governance: “[A]n organization’s coordinated, inter-disciplinary approach to satisfying information legal and compliance requirements and managing information risks while optimizing data value.”  

Electronic discovery or commonly referred to as E-discovery is tightly knit with Information governance. E-discovery refers to a process that entails searching, locating, and securing electronic data for legal purposes. And by doing so it underscores the importance of IG strategy in an enterprise. The IG framework should be robust and devoid of loopholes to mitigate the risk of E-discovery infringement. The key elements of an effective IG strategy are discussed below:

Reduce Cost by Streamlining Information

Knowledge about the information stored is quintessential to form an effective IG framework that facilitates e-discovery. At the outset, e-discovery might seem like a process of searching repositories of only electronic data, in reality information stored in paper documents, external hard drives, thumb drives, and other storage devices can also add to the list. Therefore, streamlining and organizing information can turn out to be time saving as well as cost-effective.

Granting Proper Authorization

Companies must ensure that access to the data repositories are properly vetted and given to selected individuals. User permission protocol should be developed, however it's just the icing on the cake, the real push should be towards audit trail. Moreover, an audit report must generate seamlessly on command. Such responsiveness will comfort external clients and executives as they would look upon a company that is audit-ready. Even courts and legal teams also will agree unanimously on the importance of audit reports and audit trial—what policy was used, when it was approved, who approved it and when was it formulated and applied. 

Defensible Deletion Policy

The timeframe for which data should be retained and preserved is construed to be 'forever' by most organizations. However, this strategy is neither prudent nor cost-effective from litigation viewpoint. Therefore, companies must enforce policies that facilitate deletion of information that has met regulatory retention requirements. This must be done in auditable manner to make sure compliance obligations aren't compromised.

Learn From Past Experiences

There are legal trials that consume a significant amount of time and resources. The take away from such cases is to update morph policies in accordance with the experience to avert such a situation in future.

Avoid Spoliation through a Systematic Process

Spoliation of evidence refers to intentional or negligent withholding, altering, hiding, or destroying of evidence data relevant to a legal proceeding. Organizations must enforce effective IG policies to avoid such scenarios. Coalescing IG framework with a robust data retention management process that facilitates E-discovery regulations can ensure end-to-end flow of information that can be garnered, used, and produced. Legal mandates and obligations for multinational giants vary from jurisdiction to jurisdiction. A systematic IG framework empowers organizations with tools to better manage spoliation scenarios and comply with different laws and regulation.

E-discovery and IG are complex subjects and the aforementioned steps are just the tip of iceberg. Undoubtedly, IG favors E-discovery process and hence formulating a proper framework becomes essential.

Review: CIOReview