While many still consider electronic discovery to be primarily a legal issue, in reality it is a critical business function as well. IT-driven decisions determine the path of data creation, management, storage and, ultimately, disposition. Beyond the critical importance of adequately responding to administrative hearings or litigation, these decisions concern some of your most critical business assets, your data. Currently, sophisticated organizations realize that implementing a robust information governance and strategic discovery management program is critical to their long-term business strategy, particularly in heavily-regulated and litigious industries. Regardless of whether an organization is planning for information governance or discovery management, the design process is similar as is the intent. Poor management of large data repositories can result in costly sanctions and increased long term organizational risk. Shabbily conducted discovery responses place an undue risk on the whole organization. A proactive approach to policy creates an opportunity to take control and plan for the unknown, reduce volume, lower costs, and mitigate risk associated with unclassified electronic records. Furthermore, this strategy may boost an organization’s competitive potential and decrease costly legal spend when discovery arises. The proper process in creating and implementing a proactive records strategy lies in the combination of the entity’s legal and IT departments in concert with outside counsel and an experienced outside provider.
The prospect of designing and implementing a proactive strategy can be daunting. Stakeholders have competing agendas. Time and resource constraints can choke even the most well-intentioned efforts. There are several key components in the origination and execution of these programs that will increase the chances for success.
The program must be broad
There are virtually no global organizations with a single silo. Invariably, each entity will have multiple irons in the larger market and a myriad of internal groups to support those efforts. Although IT, Legal, Outside Counsel and Service Provider comprise the key design team, they are by no means the only stakeholders in designing proactive data policies. By necessity, a proactive policy will touch each part of the organization, whether internally or externally facing. Corporations around the world are replete with extensively designed but clearly ignored proactive policies. Each affected department should designate an individual or small working group responsible for representing that group in the overall design and implementation process. Once inside and outside counsel determine a framework based on regulatory requirements for data preservation, the departments included in the policy implementation should have input into the initial workability of that plan. At each phase of design and implementation, the feedback of the individual departments is critical to ensure day to day compliance with any program.
The program must be deep
To a person in the corporate technology space fifteen years ago, the acronyms BYOD, USB, VPN, SMS and MMS meant little or nothing. To a cybersecurity or eDiscovery professional today, those acronyms may mean the difference between complying and not complying with an investigation or request. Each one of those acronyms represents a critical source of data that may contain key evidence. The use of new forms of technology and communication have exploded in the corporate marketplace. Still, many organizations rely on aging policies or policies that are limited in scope. During the process of interviewing departmental representatives, it is critical to understand what technologies the department uses and how that use changes over time. In addition, many departments retain large volumes of legacy data that may fall under document retention. The longer that data is held without use, the higher the liability that data represents. Policy depth directly reflects on the overall efficacy of any proactive policy.
The program must be supported below
To ascertain the effect that a proactive policy will have on the group as a whole can only be attained by consulting with those at the “local” level. Establishing a common goal and framework will allow disparate groups to proceed in a uniform direction. However, providing the flexibility to adjust to conditions at the local level will allow the program to be implemented cleanly and specifically to that department. Ultimately, the policy cannot be viewed by those at the day to day implementation level to be a serious impediment to their work. Productivity will usually win out over compliance in groups measured by their productivity. Many well-intentioned policies fail because employees feel that those who designed the policy simply don’t understand how to integrate the program into day to day work. By making each group a stakeholder and giving each employee the perspective of input through their representative, the program has a higher likelihood of success.
The program must be supported above
An off-hand comment or a slight change in policy can doom even the most extensive efforts. Proactive policies such as these may require the dedication of large numbers of people and resources. Support for these efforts must begin and end at the top of the organization in order to ensure the sufficient breadth, depth and broad support for a proactive policy.
How can a provider help?
Companies like NightOwl Discovery recognize the value that proactive policies deliver to their clients. With groups like NightOwl Discovery’s Client Advisory Group, consultants work with clients to address specific needs and assist in designing programs built to solve difficult problems. Providers have unique insight into the technical and business-related aspects of global corporations. Drawing from the IT and Legal departments of Fortune 50 companies, the Client Advisory Group group has the experience and understanding to handle even the most challenging corporate quagmires in the interest of creating proactive policies. In concert with the legal expertise of inside and outside counsel, the group can construct a solid framework for an effective proactive policy. The recipe for success also requires the input of IT departments, corporate leaders and stakeholders within key departments to support and collaborate on the effort. Only through this combination of factors will a proactive policy be successful.
Knowing the leader behind NightOwl Discovery CEO, Andrea Wallack
Andrea guides the company’s high-level direction and growth as CEO and Chairman of the Board of Directors. Under her oversight, NightOwl has become a nationally recognized leader in crafting customized discovery solutions. Andrea specializes in leading teams who advise clients on global discovery, data privacy, advanced data analytics and compliance matters.
"We understand what works and what doesn’t. We don’t hide from problems or tough conversations. We embrace them.”