In the Event of an eDiscovery Emergency, Break Glass: Preparing for the Inevitable

The incredible information explosion of the last decade -- including the proliferation of collaboration tools such as Sharepoint and all other Web 2.0 applications, text messages, voicemails sent directly to email, social networking, IM messages -- together with the stiffening of records retention consequences and the increasingly stringent records requirements on corporations have all contributed to creating an Information Management Perfect Storm for today's corporation. Courts and regulators expect corporations to know what information and records they have, where same are located/stored, and also to be able to identify, collect, retain, and produce such information in a timely fashion and in a useful (i.e. native) format.

Not having a well thought out information management structure that is adhered to by all employees and a means for quickly organizing the various information repositories and tools can cost more than just money. It can also cost a corporation in terms of lost claims, insufficient defenses, tarnished reputation, and employee frustration and turnover.

Assuming that a corporation has done as much as it possibly can to organize its information and records in a logical fashion while at the same time capturing appropriate metadata and doing all of the other fundamental records management activities, here are two specific things that a corporation can do to prepare for the inevitable litigation, as it is only a matter of time before the corporation wants to sue or is itself sued by another corporation or individual.

Prepare an eDiscovery "Break Glass" Plan

The obligation to preserve records/evidence in any litigation matter arises when litigation has commenced (i.e. the statement of claim has been issued) or it is reasonably foreseeable that litigation will occur. So what happens then? Obviously, relevant records need to be preserved, but how does your corporation go about doing that? It is absolutely essential that an "In the Event of eDiscovery, Break This Glass and Follow These Steps" plan is prepared in close consultation with a corporation's in-house and external legal counsel.

Some of the items to consider in preparing the "Break Glass" plan are as follows:

1. Who is on the eDiscovery Dream Team and who is responsible for notifying them of the actual or threatened litigation? The eDiscovery Dream Team likely comprises your external counsel, who will in all likelihood be leading the charge, together with in-house counsel, IT professionals (system architects, records management system administrators), members of the business that were involved in a particular deal or matter during the honeymoon (which is now ending in divorce) and so on.

2. How will custodians of information/records be identified?

3. Who will prepare the preservation/hold letter or email to send to all custodians?

4. Who will be responsible for taking physical or electronic possession of all relevant records and information sources (i.e. hard drives, etc.)?

5. What procedures will IT use to ensure that all records are collected and stored, including how metadata will be managed, the format that files will take, and so on?

6. When and how will external vendors form a part of the process?

7. Depending on the matter (e.g. termination of an employee), what needs to be done forensically to restore hard drives?

8. What internal auto-deletion processes need to be turned off and for which users/custodians?

Test the "Break Glass" Plan: Carry Out an eDiscovery Fire Drill

It is one thing to have a plan in place, but how well does it work in reality? As the potential consequences of getting eDiscovery wrong can be quite disastrous (for example, imagine if the information collection process/tool changed all of the metadata and made it impossible for any of the records to be authenticated, meaning they were inadmissible in court? Imagine further that in this example, the amount of money at risk in the claim could make or break your company...), it is important that all players involved, from internal IT, Law, and Business groups to external counsel and eDiscovery/records vendors, know their roles and responsibilities and that there are back-up personnel in place in all key areas that know what needs to be done, as timing will be critical.

Make sure that your external consultants and counsel evaluate how well the plan worked and implement their suggestions to improve the process. Every eDiscovery will have its nuances, but if you can have a eDiscovery Break Glass Plan in place, it will at least cover the most important bases and drive your corporation to continually improve its eDiscovery and records management capabilities, which will minimize the cost of eDiscovery and put you in the best position possible to win or significantly reduce potential losses through litigation.