The cost (both financial and time) of eDiscovery is substantial. In fact, it's only getting more prohibitively expensive as data storage gets cheaper and easier to set up and companies have to comb through an ever-increasing amount of information.
Being unprepared will be expensive
An article from InsideCounsel lays out the unfortunate landscape for organizations when it comes to eDiscovery.
Given the nearly unlimited storage reality that the cloud is promulgating, the question shouldn’t be, “What does it cost to keep data indefinitely?” Instead, the more germane question is, “How much will it cost to search through endless terabytes/petabytes of data when there’s a governmental inquiry, e-discovery event or internal investigation?”
On average, to conduct an eDiscovery alone, with the amount of electronic data most companies have these days, will cost ~$3 million USD, notwithstanding any other legal representation fees.
With most IT departments typically focusing the IT purchase around ROI or ability to perform disaster recovery, the hidden cost of not having a well thought through plan to manage a litigation event can be a costly, or worse, a terminal error.
The biggest disconnect most companies have with litigation is how quickly any legal event drains operating cash away from a company’s reserve because they are not familiar with how the US legal system works. Even before you ever step a foot into a courthouse, the defendant has a burden of proof to gather, review, and produce relevant records to the lawsuit in a timely (often short turnaround) manner as dictated by the court. Just imagine spending $3M in 90 days, with no guarantee of the outcome. What does that mean to your company operation and bottom line?
Most SMBs don’t have enough cash reserve to sit through an entire litigation, or even just the eDiscovery phase. Hence, for the most part, you will see that most cases are settled out of court whether the defendant is guilty or not of the accusation against them.
There are immoral entities such as companies using patents as an offensive weapon to either take out or acquire its competition or patent trolls that understand this concept extremely well and have made a business model out of this burden of proof.
Additionally, an article from In-house Access brings up some interesting points about discovery and the associated data privacy laws. In general, courts in the United States allow very broad discovery. There has been movement to limit the scope, especially when it comes to eDiscovery, but as of now large amounts of data are required for discovery. Because these rules focus on the parent companies, it includes all subsidiaries (even those outside the U.S.), which can result in a direct conflict with the data privacy laws in that country.
Develop proactive policies
In-house counsel need to be proactive and consider these issues to create a plan of action for when this situation could arise.
Understand the scope
As with any project, it is important to know the scope of the information governance initiative. Often in large organizations, have a "pilot" department allows for an honest critical assessment of the IG initiative and what might need to be tweaked before rolling out to the rest of the enterprise.
Also related to scope, is the data itself. Where is the data being held? What rules and policies are currently in place? What are the points of weakness in the current processes? These questions will help direct the information governance initiative.
In a previous blog post we laid out 5 steps to engage internal stakeholders. Being able to demonstrate a complete understanding of what everyone is trying to achieve will go a long way. People want technology for what it can do, not for its own sake. How does what you’re proposing tie into business goals, strategy, and pain points?
Whenever you’re talking about what you want to get done, ask yourself whether you’re talking about the benefits or the features. A feature of a new information governance initiative might be a detailed file plan or legal hold capability. That’s less compelling than:
- Saying an employee will save three to four hours a week in what is currently time lost searching for a record, or
- They can rest assured their important records are being properly managed
Now that you have understood the current policies and processes, it is time to correct any errors or inefficiencies and ensure these actions are coordinated across departments and repositories. Without proper alignment, the IG initiative will not be able to have the impact that it should.
An important part of an information governance initiative is an effective file plan. CLICK HERE to download our file plan that we use here at RecordLion and click on the banner at the bottom of this post for our new white paper that explains the process of building a file in detail.
Don't let perfection be the enemy of good information governance. Every day that an IG initiative is delayed, more and more data is created and becomes potential ROT and a major compliance risk.
As mentioned above, start small with a single department and learn best practices along the way. There is not a single path to complete information governance. Every industry and organization present unique challenges and opportunities.
Overall, in-house counsel must take the lead on this issue and push the organization to be prepared for issues associated with eDiscovery. Having a solid and compliant information governance strategy is critical when discussing eDiscovery and the cost and time associated with it.
Posted by Kevin Bley