E-discovery policy goes beyond ordinary storage
What happens when a company is faced with a lawsuit or a subpoena, and has to produce an enormous amount of documentation in a short period of time? More often than not, those documents are stored electronically, and may be held in old archives off-site. Being able to find and retrieve them quickly is essential.
E-discovery can be a big issue for a large enterprise, and it can be expensive. Planning for it involves both the IT and legal departments, and it requires setting data retention and backup policies and procedures ahead of time, long before the need for e-discovery is realized.
If your backup volumes and archives are searchable, are they ready for e-discovery? Not necessarily. E-discovery is a highly specialized field that transcends the technology itself, and is guided by lawyerly protocols and extra precautions. The collection phase of e-discovery can be quite challenging, and it calls for an e-discovery policy to be created and adhered to ahead of time. The policy includes not only the standard storage and archive protocols, but will include procedures about retention period, and procedures for implementing a “legal hold” on data that might otherwise be deleted.
To clear up a bit of confusion: E-discovery isn’t just ordinary backup and search. Legal counsel may for example, require access to information that isn’t traditionally contained in archives, such as data stored on individual employees’ work PCs in calendar applications, audio files, or even web browser histories. A protocol for accessing, under legal guidance, individual desktops as well as the standard archive and backup volumes must be a part of the e-discovery policy. Meta-data also needs to be preserved about each file, for example, metadata that shows when each file was most recently opened or changed.
And most importantly, just having a distinct e-discovery policy (in addition to your ordinary backup policy) can be a good tool for your legal department, just for the purpose of proving that you are diligent about recording relevant information and following data preservation procedures. Without an actual e-discovery policy in place, the opposing counsel could always argue that evidence is inadequate or incomplete.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
An IT Guy Who Gets It
Great post. Short, succinct, to the point and right on point for the difficulties this genre presents to IT staff. If you have any responsibility for managing information in your organization, legal response (use of the information to meet a legal threat to your business) must be paramount in your mind when designing and implementing systems, policies, procedures and practices.Nicely put
Nicely put. I don't know how much it will resonate with IT staff members. Sometimes folks think they should/can do everything themselves. But just like plumbing, most of the time you will be better off in the long run if you hire a professional plumber for the complicated work (like E-discovery). Just don't hire someone who is going to rip you off!