eDiscovery and Records Management

Records Management- Historical Perspective- Paper

Historically- Paper was the “Corporate Memory” – a physical entity driven by the need to retain items coupled with the availability of space to store them

Insured authenticity (originals) and access.

Records Management- Digital Perspective

Records management is no longer visible. Digital information accounts for greater

than 80% of all records.The logical location of these stored

electronic records is controlled by computers. And, although, it may appear to be less costly to store digital information, it is important to develop meaningful retention policies.

Consider... A 2006 Survey (ARMA AIMM) of 17,000 Businesses, Government agencies, & non-profits and associations presented the following results:

While 87% of organizations had formal record management programs, over 32% of them were rated as ineffective . (2005 Survey = 85% and 41%)

Over 43% of the record management programs did not address electronic records. (2005 Survey= 47%)

43% (vs 46% in 2005) did not have a formal plan for discovery requests for records including litigation hold orders and 53% (vs 65% in 2005) of them that did have litigation hold procedures did not include electronic records.

49%(vs 60%) did not have a formal email retention policy. Impact of Sarbanes-Oxley Act on record management

program has increased 56% since 2003.

Goals of a Sound Records Management Program

PreservationCompliance with Regulations & Statutes.Mitigate Legal Risk.Reduce Litigation and Discovery Costs.Enhance Knowledge Management and

Increase Productivity.

Preservation

Anticipation of a Claim is all that’s required to trigger the duty to preserve potentially relevant evidence.

Effective email preservation (or destruction) is difficult. Other issues that must be addressed:

– Hardware/software changes.– Employee turnover.– Reminders to organization.– Suspension of defragmentation, alteration, wiping etc.– Responsive vs. Reactive preservation.

Compliance and Risk Mitigation

Sarbanes-Oxley.HIPAA.Gramm-Leach-BlileyThe potential implications of

Zubulake

<Insert Slide Title Here> Compliance with organizational policies, industry standards, local, & National Government laws and regulations dictate evolving retention periods for all types of Data including Emails.

Sarbanes-Oxley Act (SOX)

HIPAA

SEC 17 CFR Part 210 Florida Sunshine Law NASD 2860/3010/3110 FDA Electronic Communications and Transactions Act National Labor Relations Act Employee Retirement Security Act of 1974 Americans with Disabilities Act OSHA

Medicare Conditions of Participation Title VII of the Civil Rights Act of 1964

Over 6,000 State & FederalCompliancy Laws &

Regulations!

Costs

Understand the cost of preservation vs automatic destruction policies.

Make sure that you establish methods to reinforce your policies and test their effectiveness.

Anticipate litigation.

Knowledge Management

From a legal perspective maintain your records so they can be updated and be useful for future needs or litigation.

Some of the questions you must answer for your client or company

Has relevant data been properly preserved? What is the time, difficulty, costs to recover and

retrieve relevant data? What business disruption will occur?

How can relevant data be identified and irrelevant or privileged data be sorted out?

How can this data be preserved to be used for potential future requests or other matters?

Changing Perspectives on Record Management

Ignorance no longer a valid defense.e-Mail retention policies are difficult or impossible

to put in place.Sarbanes-Oxley requires compliance, yet is vague

in many areas.Cost shifting strategies and burdensome

arguments have a very low success rate.

Best PracticesProactively prepare for future litigation.Map critical electronic data, systems and

backup media.Align Legal, IT and the Business.Disaster recovery strategies must no

longer be the only purpose of record retention.

Create evidence management/ preservation programs and publish, publish, publish

Example Create the Retention schedule/ guidelines and publish to a

employee handbook Create a list of every department and division within the

corporation and then within that department each major category of documents

Create a complete numbering system; i.e LEG-0110-020; representing the Legal Department, the Litigation division, and expense records

For LEG-0110-020 define the details for that record type electronic and paper life…i.e; online for 3 years, after that destroy, any events that could have an impact, etc.

Create a records retention manager and hotline for monitoring and answering immediate questions.