E-discovery policy goes beyond ordinary storage
What happens when a company is faced with a lawsuit or a subpoena, and has to produce an enormous amount of documentation in a short period of time? More often than not, those documents are stored electronically, and may be held in old archives off-site. Being able to find and retrieve them quickly is essential.
E-discovery can be a big issue for a large enterprise, and it can be expensive. Planning for it involves both the IT and legal departments, and it requires setting data retention and backup policies and procedures ahead of time, long before the need for e-discovery is realized.
If your backup volumes and archives are searchable, are they ready for e-discovery? Not necessarily. E-discovery is a highly specialized field that transcends the technology itself, and is guided by lawyerly protocols and extra precautions. The collection phase of e-discovery can be quite challenging, and it calls for an e-discovery policy to be created and adhered to ahead of time. The policy includes not only the standard storage and archive protocols, but will include procedures about retention period, and procedures for implementing a “legal hold” on data that might otherwise be deleted.
To clear up a bit of confusion: E-discovery isn’t just ordinary backup and search. Legal counsel may for example, require access to information that isn’t traditionally contained in archives, such as data stored on individual employees’ work PCs in calendar applications, audio files, or even web browser histories. A protocol for accessing, under legal guidance, individual desktops as well as the standard archive and backup volumes must be a part of the e-discovery policy. Meta-data also needs to be preserved about each file, for example, metadata that shows when each file was most recently opened or changed.
And most importantly, just having a distinct e-discovery policy (in addition to your ordinary backup policy) can be a good tool for your legal department, just for the purpose of proving that you are diligent about recording relevant information and following data preservation procedures. Without an actual e-discovery policy in place, the opposing counsel could always argue that evidence is inadequate or incomplete.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
An IT Guy Who Gets It
Great post. Short, succinct, to the point and right on point for the difficulties this genre presents to IT staff. If you have any responsibility for managing information in your organization, legal response (use of the information to meet a legal threat to your business) must be paramount in your mind when designing and implementing systems, policies, procedures and practices.Nicely put
Nicely put. I don't know how much it will resonate with IT staff members. Sometimes folks think they should/can do everything themselves. But just like plumbing, most of the time you will be better off in the long run if you hire a professional plumber for the complicated work (like E-discovery). Just don't hire someone who is going to rip you off!