The Federal Rules of Civil Procedure require that litigants know what potentially relevant electronic information they have stored as part of their business operations. This knowledge includes: what electronically stored information (ESI) they have, where it is located, how it is maintained, what it would cost to retrieve and produce it, and what the retention policies are of each business unit. It is imperative that this information be known and revealed in the earliest stages of litigation. Parties must be ready to disclose whether their ESI is readily accessible or not, based on the burden and expense associated with its retrieval.
During the Meet and Confer portion of the process, the Rules also require the parties be in a position to discuss the different forms that their ESI production might be in, including the production of ESI in its "native" format. Additionally, although destruction of ESI can result in sanctions, the new Rules provide possible protection against sanctions when ESI is destroyed by routine procedures such as automatic deletions, if they occurred in "good faith" and as part of the normal and planned course of business.
In fact, businesses able to show that certain information is not readily accessible may succeed in shifting significant costs of production to their opponents, or in forcing withdrawal of their opponents' discovery requests.
How Should Companies Proceed with Compliance?
There are a number of fundamental steps that companies must take in order to be on track for compliance with new EDiscovery rules. Sometimes this can be completed using internal resources, other times an experienced ESI consultant should be retained to help provide the correct framework for compliance. The most fundamental of these is the creation of a “data map”, making it part of the ordinary course of business, before litigation is even on the horizon. Essentially, a data map is a complete catalog of the record’s created and held by a company. The data map should describe the company’s records by business unit and include a complete description of the types of electronic media that they are maintained on and the location of each form of information. Each business unit should include retention practices that they follow, especially if they are different from the company as a whole. This process will result in the business having an in-depth snapshot (which must be constantly updated) of the nature, type and location of all documents and the retention policies that exist for each classification. This is the base information needed to quickly respond to requests for information from external resources and provide the basis for educating outside counsel on potential document production issues.
Due to the increased scrutiny of recordkeeping practices during litigation, a company also needs a written record retentions plan which utilizes the data map information as the first step. The data map allows the business group to review the different data populations and develop a practical rationale for determining which records to maintain and for how long the records need to be kept. The Sedona Conference on Best Practices recognizes that no single document retention policy can meet all the different needs of an organization. These determinations are guided by understanding whether there are business, legal or regulatory requirements that impact certain records. Based on this determination, a rational basis for keeping or destroying categories of records can be made and perhaps more importantly, be defended if needed.
The detailed information in a data map can include facts that outside counsel can use to convince their opposition – or the court – that certain forms of ESI are too difficult or costly to access. Indeed, recent case law makes it clear that courts will require specific and factually detailed support for any finding that ESI is not readily accessible and that either the business should not be required to produce it or the opposition should shoulder the cost of its production.
Given the volume of data and the speed with which companies are required to comply with requests by parties and fulfill compliance regulations, it is never to early to start preparing for litigation. The challenges of responding to requests has shifted from solely the ultimate results of the discovery to include the speed at which you can respond to these requests. Data mapping is key to this process.
Charting a data map can be a challenge for some companies considering much of their data is scattered about due to the explosion of electronically stored information in recent years. Nevertheless, like anything else pertaining to email retention and eDiscovery processes, it must be addressed in an efficient manner. Below is a summary of six key steps for companies to follow when creating a data map of their electronically stored information
1) Create a multi-disciplinary team
Data mapping starts with first identifying the ultimate needs of the different players, how the information will be used. Schedule a meeting to obtain input and buy-in from legal, IT, compliance, records management, finance and executive management. This will allow the group to create document retention policy(s) that will cover all relevant business units.
2) Conduct interviews with key personnel
Interviews of various company personnel must be conducted to probe into responsibilities and practices, including identifying who is responsible for the records maintained by each department or division of the business and whether they comply with pertinent records retention procedures. Any deviations in practice from existing records retention policies should be cataloged.
3) Develop a formal policy
After the interviews are completed, the team must discuss the findings in the context of meeting various requirements under the Federal Rules of Civil Procedure and if applicable, any industry regulations or government regulations.. The email retention policy should then be reviewed so that everyone is clear on the retention requirements and policies for the company.
4) Create a data map
Data maps should encompass the various types of electronic media on which the records are maintained, including file and email servers, desktop and notebook computers, portable drives and optical media, and Blackberries and other PDAs. Details are important, to facilitate as comprehensive a records assessment as possible.
As the policies are being developed, IT can start gathering information about the company's ESI, guided by a series of questions including: what type of ESI does the company have, where is it stored and what are the current retention periods? How difficult is it to access each data location and what format is data stored in? Who is responsible for each data location? The end result is a document that contains the company’s data map. Users should consider creating both a detailed spreadsheet of the information as well as a flow chart to be used to describe the data to outside counsel.
5) Data map verification
An important part of the data map process is verification. Once the information has been documented and charted, it is important to verify the data map to ensure it is complete and accurate. IT should test the map to determine if information is actually located where the map indicates and if it is accessible as indicated. This verification will highlight any potential data gathering processes in the future and allow changes to be made before there is a time consideration.
6) Keep the data map current
Finally, as technology changes and digital storage growth and application upgrades are constant, it is important for companies to check and update data maps regularly. This is not a one time process. An outdated data map is only slightly more useful than no data map at all once it is needed in litigation.
The Take Away
Companies must be knowledgeable about what information they have, where it is stored and how easy it is to retrieve. Data maps allow a company to have this information at their fingertips, along with written retention policies and practices to use during discussions with opposing counsel. The map will allow proper response to EDiscovery requests, plan for the Meet and Confer, provide a rational and defensible process to the court and help protect against sanctions.
Comments